Security Error installing TFS 2010 - security

Yesterday, I was having trouble trying to publish a Visual Studio web app to the wwwroot folder. I could publish it to other folders. The suggested solution to fix the issue was to give the logged on user full rights to the folder. That worked, but I was puzzled because the active user, BESI-CHAD/CHAD, was an Admin user (see image at the bottom of the linked page.)
Now, I am trying to uninstall and re-install TFS and I get the following error suggesting that the user Chad is not in the ServerAdmin role - but I am in that role!
What is going on here?
Error [ Configuration Database ] TF255286: An error occurred while verifying you have the SQL server permission or role membership: serveradmin. You may not even have enough permissions to check. Consider adding your account to the sysadmin server role. The server hosting the databases is BESI-CHAD. The error was: TF30040: The database is not correctly configured. Contact your Team Foundation Server administrator.. See the log for more details.
I ended up using another SQL instance for my TFS db server, an express instance. That worked. I didn't really want another instance. Now, I want to know what happened. If there is a good theory, I might blow away Express and reinstall TFS again.

This was a while back, but if memory serves, I was an Admin on the SQL server but did not have rights to the db.

Keyset does not exist / Identity invalid

Note: I've found several similar questions on here, but the ones that were resolved did not work for me. So I thought I'd open a new question.
I rebooted our server 2012 box, which hosts our new .net applications. After doing so, I started receiving a 503 error. Upon investigation, it seemed like an identity problem.
Before going much further, I should state that this account has worked for several months now. I've rebooted before, and everything started fine.
So I'm getting the (quite common) 5059, 5057, and 5021 errors in the log. They boil down to this:
The identity of application pool SVFileUpload is invalid. The user name or password that is specified for the identity may be incorrect, or the user may not have batch logon rights. If the identity is not corrected, the application pool will be disabled when the application pool receives its first request. If batch logon rights are causing the problem, the identity in the IIS configuration store must be changed after rights have been granted before Windows Process Activation Service (WAS) can retry the logon. If the identity remains invalid after the first request for the application pool is processed, the application pool will be disabled. The data field contains the error number.
I thought I would just ensure the password and account were correct, so I go to the application pool, select identity-> custom and ensure it's set up right. I get an error:
There was an error while performing this operation. Details: Keyset does not exist (Exception from HRESULT: 0x80090016)
This was strange to me, so I tried setting the app pool to a built in account, and it worked fine. I get this error anytime I try to set to a custom account. Also, no app pools that are using custom accounts will run.
I googled a bit, unsure which error was the one I needed to track. I have tried:
registering the account on the command line via the aspnet_ tool
Making sure the user was in the IIS_IUSRS group
changing the permissions on C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys file(s)
adding a completely new user and trying to set an app pool to that user's account
There were a couple of other random things I tried from googling but I don't remember.
This error doesn't make sense to me, and it seems random. I need help figuring out 1) why I can't set an app pool to a custom account and 2) why the identity isn't working for my applications anymore
-Edit
I recently removed and re-added the user account I've been working with. I think that solves that problem. The problem remaining is I can't update the application pool because of the "keyset does not exist" error.
I found a couple of links that led me to a solution.
In c:\windows\system32\inetsrv\config\applicationHost.config I removed all the configProtectedData entries.
Then I removed everything in %ALLUSERSPROFILE%\Microsoft\Crypto\RSA\MachineKeys
I ran iissetup.exe /install SharedLibraries from the inetsrv directory, which resulted in a "Failed = 0x80070005"
I then was able to set up my application pools as if nothing happened.
See also https://techcommunity.microsoft.com/t5/IIS-Support-Blog/Keyset-does-not-exist-exception-from-HRESULT-0x8009000D-or-or/ba-p/342955 for a more detailed explanation
I ran the iisreset command and my problem was solved
I had the same error message because my user was not a member of the "Local Administrators" group.
I was able to connect to the server because I was a member of the "Remote Desktop Users" group.
I was able to open IIS Management and to change settings, but when I clicked on the "OK" or "Save" button - I got the "Keyset does not exist" - error message.
So my advice - check if you are an administrator.
I tried to change the Identity of Application Pool on a remote server and it failed with the above error.
I RDP into the remote machine and then tried to update the Identity using local IIS Manager and it worked.
For anyone on Windows server 2008 stumbling into this error:
this may occur when you are managing the IIS instance from another server using the remote management feature ('connect to another computer').
I resolved by managing the IIS instance from the server itself.
https://support.microsoft.com/en-hk/help/977754/-keyset-does-not-exist-error-message-when-you-try-to-change-the-identi
Since I am working on a fresh server I was able to uninstall the IIS Windows Feature and then re-add it.
I was able to change the App Pool Identity after that with no issues.
Delete the RSA found here: C:\Users\username\AppData\Roaming\Microsoft\Crypto\RSA
MAKE A BACKUP JUST TO BE SURE. WORKED FOR ME.
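A read-only check for two causes named in the answers above (a session that is not running as an elevated administrator, and permissions on the MachineKeys files), added here as an example and not taken from any of the posts. The function names are hypothetical; the default path is the MachineKeys location quoted in the thread.

```powershell
# Added example: read-only diagnostics for "Keyset does not exist" (0x80090016).
# Nothing is modified or deleted. Function names are hypothetical.

function Test-IsElevatedAdmin {
    # Returns $false for a member of Administrators whose token is not elevated (UAC),
    # and for a user who is only in "Remote Desktop Users".
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-MachineKeyAccessReport {
    param(
        [string]$Path = (Join-Path $env:ALLUSERSPROFILE 'Microsoft\Crypto\RSA\MachineKeys')
    )
    # -Force includes hidden and system files.
    foreach ($file in Get-ChildItem -LiteralPath $Path -File -Force) {
        $readable = $true
        try {
            # Open for read only; the share mode avoids blocking other processes.
            $stream = [IO.File]::Open($file.FullName, 'Open', 'Read', 'ReadWrite')
            $stream.Dispose()
        } catch {
            $readable = $false   # access denied (or another open failure) for this session
        }
        [pscustomobject]@{
            Name      = $file.Name
            Readable  = $readable
            LastWrite = $file.LastWriteTime
        }
    }
}

"Elevated administrator: $(Test-IsElevatedAdmin)"
$report     = @(Get-MachineKeyAccessReport)
$unreadable = @($report | Where-Object { -not $_.Readable })
"Key files: $($report.Count), unreadable by this session: $($unreadable.Count)"
$unreadable | Format-Table -AutoSize
```

Some key files are restricted to specific service accounts by design, so a few unreadable entries in an elevated session are not by themselves a fault.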

Can't Uninstall Sharepoint Application - Invalid State

Our Sharepoint 2013 Application failed to install and is stuck in an odd state. I followed the recommended approach for deleting the application using PowerShell commands on the hosted Sharepoint server, but it doesn't execute properly.
Visual Studio Deployment/Retract Reports:
Skipping the uninstall step because the app for SharePoint is in an invalid state and cannot be uninstalled.
PowerShell Commands
$instances = Get-SPAppInstance -Web http://mysite/sites/collection
$instance = $instances | where {$_.Title -eq 'Application.Title'}
Uninstall-SPAppInstance -Identity $instance
Executing this PS command throws...
The System Account cannot perform this action.
There is no option from the Sharepoint UI to remove the application, and retrying the install also fails. I've tried other user accounts to execute this powershell command (other than the system account), but no dice. I will have to delete the developer site collection if there is no other solution.
I faced this problem before on my Office 365 SharePoint Online when deploying a SharePoint Hosted App. Then I submitted a Microsoft Service request and worked with the MS Technical Support Team on this issue. This problem seems to be some error in the SharePoint backend database itself (I'm not sure whether to consider it a SharePoint defect).
Did you check the app details installation error report? If you get the message:
"The content database on the server is temporarily unavailable."
Need help: Error 'Install App for SharePoint': An instance of this App already exists at the specified location. I don't quite understand the answer, but there is one comment from Jeremy Thake, which seems to have been deleted from this thread; he said that:
"…so I actually just restarted the whole environment and when Windows
came back up and I went to the SharePoint Site…the App was gone ;-)"
So here is my advice before you commit to deleting your site collection:
Try to deploy your app to another developer site collection and check whether the problem still occurs.
Try to increase your app version or change the app name/title/id and deploy to the same site collection, and check whether the problem still occurs for your new app instance.
For SharePoint Server, try to restart IIS/Windows Server if you're able to do that. Also install the latest SharePoint Update/CU.
For Office 365 SharePoint, if you have a licensed account, you should submit a service request; if not, you should wait several days and try to remove this app instance again through the UI.
Hope you can remove your app and know the root cause exactly.
I have faced this issue sometimes in on-premises SharePoint.
But for solving this I gave another account (or you can use 1 that you have) shell admin rights.
Note this account CAN'T be marked as a System account on SharePoint!!
Then with this different shell admin account you execute the same script. That always worked for me (I also got some strange installation behavior and needed to remove the app).

Windows Azure MVC3 app - 500 - Internal server error

I was running my application with no errors locally, but when I added a Windows Azure project, set up the database config, generated the packages and ran in stage mode, I just get 500 internal errors.
My app has some redirections for logged and non logged users.
I tried to follow some answers about the problem with no results. When I run the application locally with the emulator everything runs ok.
I didn't set any permission or user anywhere in my SQL or Windows Azure panel. As I don't have any experience with Windows Azure, please explain steps on how to do things =)
Now, after reading almost 20 articles, I realized that I was using the old Membership and Session Providers, and that the old aspnet_regsql doesn't fit Windows Azure.
So, the first action of my application was to check if the user was logged in. Hence the 500 Internal errors.
Articles that helped me a lot:
http://geekswithblogs.net/ranganh/archive/2011/06/21/using-the-asp.net-membership-api-wish-sql-server--sql.aspx
http://www.hanselman.com/blog/IntroducingSystemWebProvidersASPNETUniversalProvidersForSessionMembershipRolesAndUserProfileOnSQLCompactAndSQLAzure.aspx

All sites give Error 500 under Sharepoint Foundation (SP2010)

I've just installed Sharepoint Foundation on my W2008 64bit server and got it up and running as far as being able to access the Central Admin etc just fine.
I did have to disable 32 bit apps in the application pools for all the SP sites and also, following a tip on here, add a config option for bitness64 as a prerequisite for the services.
However whenever I try to access the "Sharepoint - 80" site itself (or another site collection I created in the admin tool), I am getting an unhelpful 500 error. The log doesn't add anything - I can't find anything to give me a clue as to what it's complaining about.
The server is a hosted VPS and all services like SQL are running locally (and are OK).
Any ideas where I look next?
M
This turned out to be an incorrect specification of the dependencies for the Sharepoint14Module in applicationHost.config
In order to locate the issue I enabled Failed Request Tracing on the server and examined the logs that get output as a result. The preconditions for the module were incorrectly specified (appPool1,bitness64;appPool2,bitness64 instead of appPool1;appPool2,bitness64). Fixing this, the sites sprang into life :)
M

IIS7 Authentication problem

I have deployed a web site to a Win 2008 Web server with IIS7. The site works fine on a Win 2003 Standard server with IIS6. On the 2008 box, whenever I request a page (htm or aspx) from a folder named Reports, I get challenged with the Windows Authentication dialog box.
I have Anonymous Authentication and Forms Authentication enabled on the site. I applied Full Control permissions to the root of the site for both NETWORK SERVICE and IIS_IUSRS, but that hasn't made a difference.
Like a previous post already mentioned, here are the detailed steps to fix this:)
If there is a folder in the application named "Reports" and SQL Server Reporting Services are installed on the server, then the Reporting Services Virtual Directory folder that is also named "Reports" will be in conflict with the application "Reports" folder.
To fix this, open Reporting Services Configuration Manager (Start->All Programs->MS SQL Server->Configuration Tools) and change the Virtual Directory under the "Report Manager URL" in the menu on the left.
Did you install MSSQL Reporting Services on your new machine? It'll use the Reports folder for the reporting toolkit (default setting) and under MSSQL 2008 you can't enable anonymous Access out of the box.
What is the authentication mode in your web.config? Verify that it is not Windows:
<authentication mode="Windows" />
Also be sure to disable Integrated Windows Authentication in IIS.
You could try running FileMon from SysInternals to see if it is the file system that is sending back the "access denied".
Quote from another forum that solved this issue for me:
"SQL Server Reporting Services creates a folder called Reports by default if you install it on IIS. If you install SQL 2008 then Reporting Services doesn't need to use IIS and instead will try to reserve the URL with the HTTP.Sys service.
I believe this is the cause of the conflict you are seeing. What you could try is changing the URL that Reporting Services uses via the SQL Server Reporting Services Configuration Manager."
Well speaking on the same subject here, yesterday I was deploying my application on Windows Server 2008 running IIS7 w/MSSQL 2008 on there too. In my website's tree structure I had a folder named Reports that had a subfolder in it, and then the actual pages. It looked like this "Reports/SalaryReports/SalaryReport.aspx" The interesting thing was that when I clicked on a hyperlink to go to "Reports/SalaryReports/SalaryReport.aspx" I got a username/password prompt from my server. This did not happen on the VS development server when I ran the application on the development machine. So I was like hmm? I looked at the code-behind in SalaryReport.aspx and did not find anything unusual. So then I put a Default.aspx directly in the Reports folder (thinking maybe it was something wrong with the authentication going two nodes down from the root to get to SalaryReport.aspx) but the server still requested username/password even though there were no security settings applied to this new Default.aspx. So I figured it must be that the folder is named "Reports", so I renamed it to "Reports1" and bingo! Everything worked!....I will still look further in this issue today, but it seems that either an IIS 7 HttpModule (not one of mine) is trying to "reserve" the folder that is named "Reports" for itself or something else...I'll look into the SQL Server Reporting services as the above post mentioned...
Anyways, just wanted to share:)
I'm supposing you don't have a SQL Reporting Services running on the same server:
1 - Give rights to user "IUSR" and the user that's running your application pool.
2 - Overwrite child folder permissions and ownership.
3 - Check if there's a web.config file on that folder setting different access rules.
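The "Reports" collision described in the answers above can be checked before renaming anything. The following is an added example, not code from any of the posts: it compares a site's top-level folder names with the HTTP.sys URL reservations listed by `netsh http show urlacl`. The function names and the sample lines are constructed for illustration, and it assumes English netsh output and a site bound at the root of the given port.

```powershell
# Added example: find top-level site folders whose names collide with an
# HTTP.sys URL reservation (such as the Reporting Services "Reports" URL).
# Function names are hypothetical; assumes English `netsh` output.

function Get-ReservedUrlSegment {
    param([string[]]$UrlAclLines)   # lines of `netsh http show urlacl` output
    foreach ($line in $UrlAclLines) {
        # Matches e.g. "Reserved URL            : http://+:80/Reports/"
        if ($line -match 'Reserved URL\s*:\s*((https?)://([^:/]+):(\d+)/([^/\s]+)\S*)') {
            [pscustomobject]@{
                Url     = $Matches[1]
                Port    = [int]$Matches[4]
                Segment = $Matches[5]      # first path segment, e.g. "Reports"
            }
        }
    }
}

function Find-ReservedFolderConflict {
    param(
        [string[]]$UrlAclLines,
        [string[]]$FolderNames,     # top-level folders of a site bound at "/"
        [int]$Port = 80
    )
    $reserved = @(Get-ReservedUrlSegment -UrlAclLines $UrlAclLines |
        Where-Object { $_.Port -eq $Port })
    foreach ($folder in $FolderNames) {
        # -eq on strings is case-insensitive, like URL matching on Windows.
        $reserved | Where-Object { $_.Segment -eq $folder } | ForEach-Object {
            [pscustomobject]@{ Folder = $folder; ReservedUrl = $_.Url }
        }
    }
}

# Constructed sample of `netsh http show urlacl` output (not from a real host).
$sample = @(
    '    Reserved URL            : http://+:80/Reports/ ',
    '        User: NT SERVICE\ReportServer',
    '    Reserved URL            : http://+:80/ReportServer/ ',
    '    Reserved URL            : http://+:5985/wsman/ '
)
Find-ReservedFolderConflict -UrlAclLines $sample -FolderNames 'reports', 'Scripts', 'Content'

# On a live server (the site path is an assumed placeholder):
# $folders = (Get-ChildItem 'C:\inetpub\wwwroot\MySite' -Directory).Name
# Find-ReservedFolderConflict -UrlAclLines (netsh http show urlacl) -FolderNames $folders
```

With the constructed sample, only the `reports` folder is reported, paired with `http://+:80/Reports/`.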
