Search
The community for Microsoft Office SharePoint Server champions!
// Home / Posting Detail
 RSS 2.0    Atom 1.0

False Expiry messages in SharePoint

The lowdown is: If you specify accounts for the app pool identity the accounts you choose need to be in the local WSS_ADMIN_WPG group. This doesn't seem to happen automatically.

The long answer is: I installed a brand new MOSS server B2TR slipstreamed on a non DC (so it wasn't this problem - although I did try this and it didn't work) and was able to get into the Central Admin console OK. I then proceeded to go through all the configuration and setup the Shared Services web site and the My Sites web site. I configured both of these with Kerberos (as was the central admin) and fixed up all the SPN stuff and host headers etc. I then tried to access both of these sites and I got the following error messages:

In Shared Services: "The trial period for this product has expired"

In My Sites: "The evaluation version of Microsoft Office SharePoint Server 2007 (Beta) for this server has expired"

I then noticed that I had the following DCOM error in the event log each time I hit the respective page:

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date:  2/11/2006
Time:  1:51:00 PM
User:  DOMAIN\account
Computer: MOSS2007
Description:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{61738644-F196-11D0-9953-00C04FD919C1}
 to the user DOMAIN\account SID (S-1-5-21-somesid).  This security permission can be modified using the Component Services administrative tool.

The CLSID {61738644-F196-11D0-9953-00C04FD919C1} turns out to be the IIS WAMREG Admin Service. So I added the accounts in the DCOM Config to allow Local Activation and reset IIS. Now I wasn't getting any Event Log errors but I still had the expiry messages. So I decided it was still a privileges problem and added them to Administrators and did IISRESET and it all worked! So then I thought lets drop the privileges down a level and I added them to the WSS_ADMIN_WPG local group instead and it worked. I assume this will be fixed in release.

This may have nothing to do with choosing Kerberos but purely to do with setting App Pool Identities it's just that this is the scenario I was configuring. (NOTE: This does have nothing to do with Kerberos - just tested with Integrated and the same thing happens)

Published Thursday, 2 November 2006 4:33 PM by angemac

Comments

 

funny wallpaper » Sharepoint resources said:

PingBack from http://housesfunnywallpaper.cn/?p=8055

September 30, 2008 1:48 AM
Anonymous comments are disabled

Recent Posts

Tags

Archives

Champion Blogs