0X0000055F

Fix ERROR_TOKEN_ALREADY_IN_USE (0x0000055f)

Windows Errors Intermediate 👁 1 views 📅 May 27, 2026

Token already in use. You're trying to start a service with a primary token that's already assigned. The real fix is restarting the service or fixing impersonation calls.

Quick answer for advanced users

This error means a primary token was assigned twice in the same process. Restart the service or kill the process. If that doesn't work, check your CreateProcessAsUser or DuplicateTokenEx calls — you're passing a primary token where an impersonation token is expected.

What's actually happening here

I've seen 0x0000055f pop up in two main scenarios. First, when a Windows service tries to start but another instance of the same service already holds the token as primary. This happens a lot on Windows Server 2019 terminal servers running third-party software that handles user sessions. Second, when a developer's code calls CreateProcessAsUser with a token that's already set as the primary token of another thread or process. The OS doesn't let you reuse a primary token — each token can only be primary for one process at a time.

The error code 0x55f is the hex for ERROR_TOKEN_ALREADY_IN_USE. The kernel's token manager tracks this tightly. If you see this in event logs (Event ID 7031 or 7034 for services), you're dealing with a stale token handle.

Fix steps

  1. Restart the service or application. Open Services.msc, find the service showing the error, right-click, and select Restart. If it's not a service, kill the process with Task Manager and start fresh. This clears the primary token assignment.
  2. Check for duplicate instances. Run tasklist /v | findstr "[service name]" in an elevated command prompt. If you see multiple PIDs, kill all of them with taskkill /f /pid [PID] for each one except the one you want to keep.
  3. Fix impersonation code (developers). If you're writing code that creates tokens, make sure you call DuplicateTokenEx with SecurityImpersonation for impersonation tokens and SecurityIdentification only when needed. A primary token should only come from CreateProcessAsUser or NtCreateToken with a fresh handle. Never pass the same token handle to CreateProcessAsUser twice.
  4. Audit token handle leaks. Use Process Explorer (Sysinternals) to view the token handles of the process. If the process has multiple primary token handles open, something's leaking. Restart the service to clear the handles, then fix the code that's leaking them.

Alternative fixes if the main ones fail

  • Reboot the machine. This clears all token handles system-wide. It's crude but works 90% of the time if the error keeps happening.
  • Disable and re-enable the service. Run sc config [service name] start= disabled then net start [service name] after a reboot. This forces the service to request a new token on start.
  • Check for antivirus interference. Some AV software (looking at you, McAfee Endpoint Security v10.7) can lock token handles during process creation. Temporarily disable AV and test. If the error stops, add an exclusion for the service.

Prevention tip

If you're a developer, always call DuplicateTokenEx before passing a token to CreateProcessAsUser. That gives you a fresh handle with the same attributes. Also, close the original token handle with CloseHandle after duplicating — that prevents accidental reuse. For admins, set up a scheduled task to restart the service during off-hours if it's a known flaky service. I've seen this fix keep terminal servers stable on Windows Server 2022 for months.

Was this solution helpful?

ERROR_TOKEN_ALREADY_IN_USE 0x0000055f token already in use Windows error 0x55f primary token conflict service token error impersonation token fix duplicate token handle Windows service crash CreateProcessAsUser token error NtCreateToken error token duplication issue Windows Server 2019 token error Windows 11 error 0x55f service start failure