#StackBounty: #sharepoint-online #claims-based-auth #iis #windows-server #security-token-service SharePoint Claims Authentication Unabl…

Bounty: 100

I am troubleshooting SharePoint 2016 on Windows Server 2016, Security Token Service via this guide

Similar Warning is generated in Event Viewer every minute:

Security Token Service timed out [Correlation ID : 500ea79e-6e13-a069-1892-272724913fd1 ] with exception: System.TimeoutException: The request channel timed out while waiting for a reply after 00:01:00. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout. ---> System.TimeoutException: The HTTP request to 'http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc/actas' has exceeded the allotted timeout of 00:01:00. The time allotted to this operation may have been a portion of a longer timeout. ---> System.Net.WebException: The operation has timed out
   at System.Net.HttpWebRequest.GetResponse()
   at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   --- End of inner exception stack trace ---
   at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
   at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   --- End of inner exception stack trace ---

Server stack trace: 
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]: 
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at Microsoft.IdentityModel.Protocols.WSTrust.IWSTrustContract.Issue(Message message)
   at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)
   at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst)
   at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo, SPRequestSecurityTokenProperties properties)

enter image description here


After looking multiple sources from the net, I verified the following:

The following services are running:

  1. Net.Msmq Listener Adapter
  2. Net.Pipe Listener Adapter
  3. Net.Tcp Listener Adapter

But it hit an Exception during Token Creation Testing:

enter image description here

Any help would be appreciated. Thank you.


Edit (1):

I did a iisreset. But failed. Below is the error shown:

“Restart attempt failed. The IIS Admin Service or the World Wide Web
Publishing Service, or a service dep endent on them failed to start.
The service, or dependent services, may had an error during its
startup or may be disabled.”

The following error was shown in Event Viewer:

SharePoint booted. Process Name: [w3wp] App Pool:
[SecurityTokenServiceApplicationPool], Process ID: [0xE784], App
Domain Name and ID
[/LM/W3SVC/2/ROOT/SecurityTokenServiceApplication-1-131880192837858426],2,
Command Line [c:windowssystem32inetsrvw3wp.exe -ap
“SecurityTokenServiceApplicationPool” -v “v4.0” -l “webengine4.dll” -a
.pipeiisipmeed88587-f303-42c8-83cd-12586dsdff7b -h
“C:inetpubtempapppoolsSecurityTokenServiceApplicationPoolSecurityTokenServiceApplicationPool.config”
-w “” -m 0]


Edit (2):

I was able to provision SecureTokenServiceApplication without errors.

Powershell commands:

$sts = Get-SPServiceApplication | ?{$_ -match “Security”}

$sts.Status

$sts.Provision()​

p.s. $sts.Status output is Online


Get this bounty!!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.