
Windows 2008 R2 Certificate Authority Application Pool Crashes

Published on Wednesday, January 30, 2013

Recently I had a customer where they had a Certificate Authority in a lab environment and one in a production environment. At first sight both seemed to function correctly. However, SCOM (System Center Operations Manager, a monitoring solution) was showing various events of application pool crashes for both environments. The application pool belonged to the CA Web Enrollment pages. When investigating the Event log on those machines we found the following events to be recurring:


In words:

Faulting application name: w3wp.exe, version: 7.5.7601.17514, time stamp: 0x4ce7afa2
Faulting module name: scrdenrl.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5bc7f2
Exception code: 0xc0000005
Fault offset: 0x000007fef9402594
Faulting process id: 0x10b4
Faulting application start time: 0x01cdee76c8747cfb
Faulting application path: c:\windows\system32\inetsrv\w3wp.exe
Faulting module path: scrdenrl.dll
Report Id: 795f74be-5a8c-11e2-8b2c-005056ac0079

And also:


In words:

A process serving application pool 'DefaultAppPool' terminated unexpectedly. The process id was '4276'. The process exit code was '0xff'.

The events were recurring, but not very exact. Sometimes it was about every 5 minutes, but sometimes it was once an hour, or even once a day. The only thing we could say was that it occurred at least once a day. Besides those events, I couldn’t find anything out of the ordinary on those machines. So off to plan B: Google gave me this: TechNet Forums: Prolific number of Windows error reports pertaining to 2008 R2 certificate services.

This seemed to match my problem exactly. I tried the suggestion: removed the CA web components/IIS, rebooted, reinstalled. Quickly the events reappeared. The second thing I noticed here was that SCOM was also involved. Of course, it could be the one causing it or the one noticing it… Disabling the SCOM agent didn’t help. So I started digging deeper. I started looking at the IIS logs. I could see that whilst the CA isn’t visited that regularly, still a lot of requests were logged at frequent intervals. The user agent of the requests mentioned SCOM, so it was pretty obvious this was part of some monitoring configuration.

I asked the guy responsible for SCOM, and besides the regular host-based monitoring, they also added URL monitoring (for /certsrv). After disabling this URL monitoring the events stopped occurring. So somehow SCOM doesn’t play too nice with its requests. I’m not sure why it causes the application pool to crash, maybe it’s something which has to be fixed on the Certificate Authority side, but I’m glad at least I found out WHAT was causing it!
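The IIS log check described above, as an added example that is not part of the original post: it parses W3C extended log text, groups requests under /certsrv by client IP and user agent, and reports the request count and median interval, so a scheduled probe stands out from interactive visits. The sample log lines, IP addresses and user-agent strings are constructed for illustration and are not taken from a real SCOM agent.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample in IIS W3C extended format; the user-agent strings are
# made up for illustration, not copied from a real SCOM agent.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 7.5
#Fields: date time cs-method cs-uri-stem c-ip cs(User-Agent) sc-status
2013-01-09 08:00:00 GET /certsrv/ 10.0.0.5 Constructed+SCOM+URL+Monitor 200
2013-01-09 08:02:00 GET /certsrv/ 10.0.0.5 Constructed+SCOM+URL+Monitor 200
2013-01-09 08:03:10 GET /certsrv/certrqxt.asp 10.0.0.77 Mozilla/4.0+(compatible;+MSIE+8.0) 200
2013-01-09 08:04:00 GET /certsrv/ 10.0.0.5 Constructed+SCOM+URL+Monitor 200
2013-01-09 08:06:00 GET /certsrv/ 10.0.0.5 Constructed+SCOM+URL+Monitor 200
2013-01-09 08:07:00 GET /iisstart.htm 10.0.0.9 Mozilla/4.0+(compatible;+MSIE+8.0) 200
"""

def parse_w3c(text):
    """Yield one dict per request, using the most recent #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated lines
                yield dict(zip(fields, values))

def summarize_clients(text, uri_prefix="/certsrv"):
    """Per (client IP, user agent): request count and median gap in seconds."""
    times = defaultdict(list)
    for row in parse_w3c(text):
        if row["cs-uri-stem"].lower().startswith(uri_prefix):
            ts = datetime.strptime(row["date"] + " " + row["time"],
                                   "%Y-%m-%d %H:%M:%S")
            times[(row["c-ip"], row["cs(User-Agent)"])].append(ts)
    summary = {}
    for key, stamps in times.items():
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        summary[key] = (len(stamps), median(gaps) if gaps else None)
    return summary

if __name__ == "__main__":
    ranked = sorted(summarize_clients(SAMPLE_LOG).items(),
                    key=lambda kv: -kv[1][0])
    for (ip, agent), (count, gap) in ranked:
        print(f"{count:4d} requests  median gap {gap}s  {ip}  {agent}")
```

A client with many requests and a near-constant median gap is the signature of a monitoring probe; comparing its timestamps with the crash events in the Application log is the next step.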


FIM 2010 R2: Create FIM MA error

Published on Friday, January 11, 2013

Recently I came across the following error when trying to import a FIM Synchronization Server configuration:


In words: Failed to connect to the specified database. The extension operation aborted due to an internal error in FIM Synchronization Service.

Not only was I seeing this when importing the configuration, but also when manually trying to create a FIM MA. Whilst it says it has problems trying to connect, it has nothing to do with either the database or FIM Service base address. Even filling in random stuff results in this error immediately. So something had to be wrong with the Synchronization Service or the management console.

The odd thing was that I didn’t have this error when migrating from Development to Test or Test to Acceptance. So what was off with the Production server?! After a bit of googling I stumbled upon this post:

TechNet Forums: FIM 2010 R2 Error when creating FIM MA

Well, I can tell you, I wasn’t going to install .NET 4.0 on the Dev, Test, Acc environment just because a freshly installed FIM server was behaving oddly. After looking around on the server and verifying all installed updates I couldn’t find anything specific until I verified the installed software. It seems that somewhere in the staging process of the server the “Microsoft .NET Framework 4 Client Profile” got installed. I didn’t see it on the other servers, so I went forward, uninstalled, rebooted and voila!

I’m not sure whether a lot of people will stumble on this, but for those that do, I hope this post helps!