Problem
You find the following entry in the SharePoint 2010 Central Administration Review problems and solutions All Reports listing:
And looking in the Windows Server Application log, you see the following error event occuring once every 15 minutes:
You find the following entry in the SharePoint 2010 Central Administration Review problems and solutions All Reports listing:
Title | The Security Token Service is not available |
Severity | 2 - Warning |
Category | Availability |
Explanation | The Security Token Service is not issuing tokens. The service could be malfunctioning or in a bad state. |
Remedy | Administrator should try to restart the Security Token Service on the boxes where it is not issuing tokens. If problem persists, further troubleshooting may be available in the KB article. For more information about this rule, see "http://go.microsoft.com/fwlink/?LinkID=160531". |
Failing Servers | [NameOfFailingServer] |
Failing Services | SPSecurityTokenService (SecurityTokenService) |
Rule Settings | View |
And looking in the Windows Server Application log, you see the following error event occuring once every 15 minutes:
SolutionLog Name: Application Source: Microsoft-SharePoint Products-SharePoint Foundation Date: [date/time] Event ID: 8306 Task Category: Claims Authentication Level: Error Keywords: User: [domain\FarmServiceAccount] Computer: [NameOfFailingServer] Description: An exception occurred when trying to issue security token: Could not connect to http://localhost:[port]/SecurityTokenServiceApplication/securitytoken.svc/actas. TCP error code 10061: No connection could be made because the target machine actively refused it 127.0.0.1:[port]. . Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-SharePoint Products-SharePoint Foundation" Guid="{6FB7E0CD-52E7-47DD-997A-241563931FC2}" /> <EventID>8306</EventID> <Version>14</Version> <Level>2</Level> <Task>47</Task> <Opcode>0</Opcode> <Keywords>0x4000000000000000</Keywords> <TimeCreated SystemTime="[date/time]" /> <EventRecordID>29898</EventRecordID> <Correlation ActivityID="{4F0A4944-93C2-44D8-9C81-68162604774B}" /> <Execution ProcessID="7128" ThreadID="3156" /> <Channel>Application</Channel> <Computer>[NameOfFailingServer]</Computer> <Security UserID="S-1-5-21-3026233045-20759957-1393672501-82644" /> </System> <EventData> <Data Name="string0">Could not connect to http://localhost:[port]/SecurityTokenServiceApplication/securitytoken.svc/actas. TCP error code 10061: No connection could be made because the target machine actively refused it 127.0.0.1:[port]. </Data> </EventData> </Event>
- Solution A: Restart the Security Token Service application pool:
- As Administrator, launch IIS Manager.
- In the Connections pane (at left), expand the tree to view Application Pools.
- Select Application Pools. This updates the results pane (center pane).
- Right-click on SecurityTokenServiceApplicationPool, and then click Stop.
- Right-click on SecurityTokenServiceApplicationPool, and then click Start.
- Go back to Central Administration, Review problems and solutions :All Reports view.
- Click on the issue, The Security Token Service is not available.
- Click Re-analyze Now.
- Click Close.
- Refresh after several minutes.
- Solution B: Re-provision the service
- Launch the SharePoint Management Shell as Administrator.
- Run the following script:
$sts = Get-SPServiceApplication | ?{$_ -match "Security"} $sts.Status $sts.Provision()
- Go back to Central Administration, Review problems and solutions :All Reports view.
- Click on the issue, The Security Token Service is not available.
- Click Re-analyze Now.
- Click Close.
- Refresh after several minutes.
No comments:
Post a Comment