SharePoint Foundation 2010 – Security Token Service unavailable

For a while I noticed an Event ID 3 error on my SharePoint deployment.

After much research, the solution to fix this is pretty simple!

Some background info: Under the health analyser, the security token service was marked as a service that could not start.

Event logs showed an error every hour, since the health analyser runs.

Error is:

Log Name:      Application
Source:        System.ServiceModel 3.0.0.0
Date:          7/14/2011 6:00:00 AM
Event ID:      3
Task Category: WebHost
Level:         Error
Keywords:      Classic
User:          NETWORK SERVICE
Computer:      109-104-81-240
Description:
WebHost failed to process a request.
Sender Information: System.ServiceModel.ServiceHostingEnvironment+HostingManager/41149443
Exception: System.ServiceModel.ServiceActivationException: The service '/SecurityTokenServiceApplication/securitytoken.svc' cannot be activated due to an exception during compilation.  The exception message is: Exception has been thrown by the target of an invocation.. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.InvalidOperationException: The farm is unavailable.
at Microsoft.SharePoint.Administration.Claims.SPSecurityTokenServiceManager.get_Local()
at Microsoft.SharePoint.IdentityModel.SPSecurityTokenServiceConfiguration..ctor()
--- End of inner exception stack trace ---
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean fillCache)
at System.Activator.CreateInstance(Type type, Boolean nonPublic)
at System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
at System.Activator.CreateInstance(Type type, BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceHostFactory.CreateSecurityTokenServiceConfiguration(String constructorString)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceHostFactory.CreateServiceHost(String constructorString, Uri[] baseAddresses)
at Microsoft.SharePoint.IdentityModel.SPSecurityTokenServiceHostFactory.CreateServiceHost(String constructorString, Uri[] baseAddresses)
at System.ServiceModel.ServiceHostingEnvironment.HostingManager.CreateService(String normalizedVirtualPath)
at System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateService(String normalizedVirtualPath)
at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath)
--- End of inner exception stack trace ---
at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath)
at System.ServiceModel.ServiceHostingEnvironment.EnsureServiceAvailableFast(String relativeVirtualPath)
Process Name: w3wp
Process ID: 53044

I resolved this issue by going into IIS, opening the advanced settings of the security token application pool, and seeing that “Enable 32-bit Applications” was set to true. Change this to false, re-run the analyser and bam! Problem solved. 🙂

 

Hope this helps.
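
The check and fix described in the post can also be scripted. This is an added example, not code from the original post: it assumes the IIS WebAdministration module is available on the server, and the function names are hypothetical. The application path, event source and event ID are the ones shown in the event text above.

```powershell
# Added example. Run elevated on the SharePoint server (works on PowerShell 2.0).
Import-Module WebAdministration

# Application path taken from the Event ID 3 text; the pool name is looked up.
$StsPath = '/SecurityTokenServiceApplication'

function Get-StsPoolBitness {
    # Report, for each IIS application at the STS path, its pool and bitness flag.
    $apps = @(Get-WebApplication | Where-Object { $_.path -eq $StsPath })
    if ($apps.Count -eq 0) { throw "No IIS application found at $StsPath" }
    foreach ($app in $apps) {
        $pool = Get-Item ("IIS:\AppPools\" + $app.applicationPool)
        New-Object PSObject -Property @{
            AppPool         = $pool.Name
            State           = $pool.state
            Enable32BitApps = [bool]$pool.enable32BitAppOnWin64
        }
    }
}

function Repair-StsPoolBitness {
    # Apply the fix from the post: set the flag to false, then recycle the pool.
    foreach ($p in @(Get-StsPoolBitness | Where-Object { $_.Enable32BitApps })) {
        Set-ItemProperty ("IIS:\AppPools\" + $p.AppPool) -Name enable32BitAppOnWin64 -Value $false
        Restart-WebAppPool -Name $p.AppPool
    }
}

function Get-StsActivationErrors {
    param([int]$Hours = 2)
    # Event source, log and ID as shown in the post; match on the .svc path.
    $filter = @{ LogName = 'Application'; ProviderName = 'System.ServiceModel 3.0.0.0'
                 Id = 3; StartTime = (Get-Date).AddHours(-$Hours) }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -like '*securitytoken.svc*' } |
        Select-Object TimeCreated, Id, ProviderName
}

Get-StsPoolBitness | Format-Table -AutoSize
# Repair-StsPoolBitness              # uncomment to change the setting
# Get-StsActivationErrors -Hours 2   # should return nothing after the next analyser run
```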


5 Responses to “SharePoint Foundation 2010 – Security Token Service unavailable”

  1. José Says:

    I have this problem and in my case the 32-bit is disabled.
    I notice that the directory C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\WebServices\SecurityToken has only 3 files: securitytoken.svc and the web.xml. So, when I run http://localhost:32843/SecurityTokenServiceApplication the result is “Web page not found”.
    The Central Administration of SharePoint also refers to the problem with the service and suggests the link “http://go.microsoft.com/fwlink/?LinkID=160531”, but this link redirects to http://technet.microsoft.com/pt-br/sharepoint/default.aspx.
    Could you let me know what is the content of the …/securitytoken directory?

  2. sharepointuzma Says:

    What do you see on your event log? The directory that I have contains securitytoken.svc, web XML file and windowstokencache.svc if this helps at all?

    What happens when you run: http://localhost/SecurityTokenServiceApplication/securitytoken.svc?

  3. José Says:

    When I run http://localhost/SecurityTokenServiceApplication/securitytoken.svc?
    the result is:

    Server Error in ‘/’ Application.
    ——————————————————————————–

    The resource cannot be found.
    Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.

    Requested URL: /SecurityTokenServiceApplication/securitytoken.svc

    ——————————————————————————–
    Version Information: Microsoft .NET Framework Version:2.0.50727.3623; ASP.NET Version:2.0.50727.3618

    Event log (in Portuguese):
    Nome do registo:Application
    Origem: System.ServiceModel 3.0.0.0
    Data: 04-08-2011 08:00:02
    ID do evento: 3
    Utilizador: spfarm
    Descrição:
    O Anfitrião na Web não conseguiu processar um pedido.
    Informações do Emissor: System.ServiceModel.ServiceHostingEnvironment+HostingManager/47096010
    Excepção: System.ServiceModel.ServiceActivationException: Não é possível activar o serviço '/SecurityTokenServiceApplication/securitytoken.svc' devido a uma excepção durante a configuração. A mensagem de excepção é: As definições de protecção expandida configuradas no IIS não correspondem às definições configuradas no transporte. Consulte a excepção interna para obter detalhes.. ---> System.NotSupportedException: As definições de protecção expandida configuradas no IIS não correspondem às definições configuradas no transporte. Consulte a excepção interna para obter detalhes. ---> System.InvalidOperationException: Os valores ExtendedProtectionPolicy.PolicyEnforcement não são correspondentes. Uma política tem um valor de WhenSupported, enquanto a outra tem um valor de Never. Estes valores têm de corresponder de forma exacta.
    --- Fim do rastreio da pilha de excepção interna ---
    em System.ServiceModel.Channels.HttpChannelListener.ApplyHostedContext(VirtualPathExtension virtualPathExtension, Boolean isMetadataListener)
    em System.ServiceModel.Channels.HttpTransportBindingElement.BuildChannelListener[TChannel](BindingContext context)
    em System.ServiceModel.Channels.BindingContext.BuildInnerChannelListener[TChannel]()
    em System.ServiceModel.Channels.MessageEncodingBindingElement.InternalBuildChannelListener[TChannel](BindingContext context)
    em System.ServiceModel.Channels.BinaryMessageEncodingBindingElement.BuildChannelListener[TChannel](BindingContext context)
    em System.ServiceModel.Channels.BindingContext.BuildInnerChannelListener[TChannel]()
    em System.ServiceModel.Channels.Binding.BuildChannelListener[TChannel](Uri listenUriBaseAddress, String listenUriRelativeAddress, ListenUriMode listenUriMode, BindingParameterCollection parameters)
    em System.ServiceModel.Description.DispatcherBuilder.MaybeCreateListener(Boolean actuallyCreate, Type[] supportedChannels, Binding binding, BindingParameterCollection parameters, Uri listenUriBaseAddress, String listenUriRelativeAddress, ListenUriMode listenUriMode, ServiceThrottle throttle, IChannelListener& result, Boolean supportContextSession)
    em System.ServiceModel.Description.DispatcherBuilder.BuildChannelListener(StuffPerListenUriInfo stuff, ServiceHostBase serviceHost, Uri listenUri, ListenUriMode listenUriMode, Boolean supportContextSession, IChannelListener& result)
    em System.ServiceModel.Description.DispatcherBuilder.InitializeServiceHost(ServiceDescription description, ServiceHostBase serviceHost)
    em System.ServiceModel.ServiceHostBase.InitializeRuntime()
    em Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceHost.InitializeRuntime()
    em System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)
    em System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
    em System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateService(String normalizedVirtualPath)
    em System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath)
    --- Fim do rastreio da pilha de excepção interna ---
    em System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath)
    em System.ServiceModel.ServiceHostingEnvironment.EnsureServiceAvailableFast(String relativeVirtualPath)
    Nome do Processo: w3wp
    ID de Processo: 12104


  4. Vincent van Ederen Says:

    Hi Uzma,

    Just wanted to let you know that out of all the possible solutions, this was the one that cracked it for me.
    I thank you for this wisdom!

    Vincent
    Prisma ICT
