none
MOSS 2007 extranet's external FBA login stops working, can't trace cause

    Question

  • We have an extranet site. The CA server is internal, with an external DMZ server that hosts the extended site. The external site connects to LDAP via FBA.

    Every so often, the login.aspx page comes up without any core.css formatting or fonts, and users are unable to log in. When they try to submit their login they're re-prompted.

    What has worked in the past is overwriting the web.config (containing connections to our LDAP server) with a known good copy. Recently, in addition to the overwrite, we've had to run an IISRESET.

    The "default" internal site, connected to the local domain, works fine and without interruption.

    The web.config 'fix' worked for a couple years, but recently it has been happening more frequently, almost daily. Last time it occurred, I noted that the 'bad' web.config's Modify date hadn't changed. A file compare shows them to be identical.

    Has anyone seen something like this before? The only site customizations are the standard web.config connections to LDAP.

    Much thanks,

    Scott


    • Edited by scogordo Tuesday, January 31, 2012 9:52 PM
    Tuesday, January 31, 2012 5:06 PM

All replies

  • Hello Scott,

     

    Thank you for your post.

     

    This is a quick note to let you know that we are performing research on this issue.

     

    Thanks,


    Pengyu Zhao

    TechNet Community Support

    Friday, February 03, 2012 9:35 AM
  • Thanks! Look forward to the response.

    Bandaid for now is an IISRESET scheduled task every 7am.  So far so good, but ?

    Friday, February 03, 2012 6:30 PM
  • Update: IISRESET alone isn't the solution. Checked the external FBA login page this morning and it was again stripped of css and users were unable to log in. restoring the web.config and iisreset resolved.

    Thanks,

    Scott

    Monday, February 06, 2012 3:03 PM
  • Hi,

    That is a reallystrange issue.   Since the web.config files are identical I do not suspect it is the cause.  Are you seeing any .NET error messages in the
    event viewer during this time?  Is login.aspx on the SharePoint server or is it located somewhere else?   If its on the server and during the failure
    times, have you tried browsing directly to the server bypassing any proxy/firewalls and checked behavior? 
    Use a host file entry on the client machine to mapping the host header of the site to the IP of a particular server.

    Since the .css / fonts may look a little strange, have you confirmed that AAM(alternate accessmappings) settings in SharePoint are correct? I've seen issues in the past where AAM's sent incorrectly would cause look and feel to be not be correct.



    Regards, Savoeurn Va Microsoft Online Community Support

    Tuesday, February 07, 2012 11:41 PM
  • Hi Savoeurn,

    Think I found it. Rechecked and found this warning is in Event Viewer. Not sure what to do with it at this point.

     

    Event Type:      Warning

    Event Source:   ASP.<stockticker>NET</stockticker> 2.0.50727.0

    Event Category:            Web Event

    Event ID:          1310

    Date:                <date Day="7" Month="2" Year="2012" ls="trans">2/7/2012</date>

    Time:                <time Hour="7" Minute="59">7:59:27 AM</time>

    User:                N/A

    Computer:        EXT_WFE_05

    Description:

    Event code: 3006

    Event message: A parser error has occurred.

    Event time: <date Day="7" Month="2" Year="2012" ls="trans">2/7/2012</date> <time Hour="7" Minute="59">7:59:27 AM</time>

    Event time (UTC): <date Day="7" Month="2" Year="2012" ls="trans">2/7/2012</date> 12:59:27 PM

    Event ID: 074d8ba6b9ee449788f628b5c24837f9

    Event sequence: 5

    Event occurrence: 1

    Event detail code: 0

     

    Application information:

        Application domain: /LM/W3<stockticker>SVC</stockticker>/1942070397/Root-2-129730931633527246

        Trust level: Full

        Application Virtual Path: /

        Application Path: C:\PATH\WEBSITE\

        Machine name: EXT_WFE_05

     

    Process information:

        Process ID: 3052

        Process name: w3wp.exe

        Account name: DOMAIN\ADMINLOGIN

     

    Exception information:

        Exception type: HttpException

        Exception message: Could not load file or assembly 'Microsoft.SharePoint' or one of its dependencies. The system cannot find the file specified.

     

    Request information:

        Request URL: https://IP.AD.DR.ES:443/_layouts/login.aspx?ReturnUrl=A parser error has occurred.f_layoutsA parser error has occurred.fAuthenticate.aspx2/7/2012 7:59:27 AMfSource2/7/2012 7:59:27 AMd%252f&Source=A parser error has occurred.f

        Request path: /_layouts/login.aspx

        User host address: SE.RV.ER.IP

        User: 

        Is authenticated: False

        Authentication Type: 

        Thread account name: DOMAIN\ADMINLOGIN

     

    Thread information:

        Thread ID: 1

        Thread account name: DOMAIN\ADMINLOGIN

        Is impersonating: False

        Stack trace:    at System.Web.Compilation.BuildManager.ReportTopLevelCompilationException()

       at System.Web.Compilation.BuildManager.EnsureTopLevelFilesCompiled()

       at System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters)

     

     

    Custom event details:

    For more information, see Help and <place><placename>Support</placename> <placetype>Center</placetype></place> at http://go.microsoft.com/fwlink/events.asp.

    Thursday, February 09, 2012 2:47 PM
  •  

    Event Type:      Information

    Event Source:   ASP.<stockticker>NET</stockticker> 2.0.50727.0

    Event Category:            Web Event

    Event ID:          1315

    Date:                <date Day="8" Month="2" Year="2012" ls="trans">2/8/2012</date>

    Time:                <time Hour="19" Minute="7">7:07:11 PM</time>

    User:                N/A

    Computer:        EXT_WFE_05

    Description:

    Event code: 4005

    Event message: Forms authentication failed for the request. Reason: The ticket supplied has expired.

    Event time: 2/8/2012 7:07:11 PM

    Event time (UTC): 2/9/2012 12:07:11 AM

    Event ID: 947c41d277e541c8b1c9cf1f4dce5dee

    Event sequence: 5320

    Event occurrence: 20

    Event detail code: 50202

     

    Application information:

        Application domain: /LM/W3<stockticker>SVC</stockticker>/1942070397/Root-1-129731865224735590

        Trust level: WSS_Custom

        Application Virtual Path: /

        Application Path: C:\PATH\WEBSITE\

        Machine name: EXT_WFE_05

     

    Process information:

        Process ID: 11584

        Process name: w3wp.exe

        Account name: DOMAIN\ADMINLOGIN

     

    Request information:

        Request URL: https://EXTERNAL.SITE.URL:443/_layouts/login.aspx?ReturnUrl=Forms authentication failed for the request. Reason: The ticket supplied has expired.ftvcorpForms authentication failed for the request. Reason: The ticket supplied has expired.fSITE+DOCUMENTLIBRARY authentication failed for the request. Reason: The ticket supplied has expired.fFormsForms authentication failed for the request. Reason: The ticket supplied has expired.fAllItems.aspx2/8/2012 7:07:11 PMfRootFolder2/8/2012 7:07:11 PMd%SITE/FOLDER/SUBFOLDERCTID2/8/2012 7:07:11 PMd0x012000CA42614391FEB7428E9B1A554DD8F0B4%26View2/8/2012 7:07:11 PMd%257bA16F6972%252d8531%252d4079%252dB44D%252dFF86A1046211%257d&RootFolder=Forms authentication failed for the request. Reason: The ticket supplied has expired.ftvcorpForms authentication failed for the request. Reason: The ticket supplied has expired.fSITE+DOCLIBForms authentication failed for the request. Reason: The ticket supplied has expired.fFOLDER+SUBFOLDER authentication failed for the request. Reason: The ticket supplied has expired.fSUBFOLDER1-Forms authentication failed for the request. Reason: The ticket supplied has expired.fSUBFOLDER2Forms authentication failed for the request. Reason: The ticket supplied has expired.fSUBFOLDER3Forms authentication failed for the request. Reason: The ticket supplied has expired.fSUBFOLDER4&FolderCTID=0x012000CA42614391FEB7428E9B1A554DD8F0B4&View=20bA16F6972-8531-4079-B44D-FF86A104621120d

        Request path: /_layouts/login.aspx

        User host address: UNKNOWNIP

        User: 

        Is authenticated: False

        Authentication Type: 

        Thread account name: EXT_WFE_05\ANONYMOUS_ACCT 

    Name to authenticate: 

     

    Custom event details:

    For more information, see Help and <place><placename>Support</placename> <placetype>Center</placetype></place> at http://go.microsoft.com/fwlink/events.asp.

    Thursday, February 09, 2012 2:55 PM
  • Hi,

    Exception message: Could not load file or assembly 'Microsoft.SharePoint' or one of its dependencies. The system cannot find thefile specified.  

    I've seen this message from a bad install or anti-virus locking that DLL.  For AV see this  KB http://support.microsoft.com/kb/952167.

    For bad install, try  a repair on the SharePoint bits.  Don't do a repair during normal hours though since it will cause an outage.  Also make sure you have good backups of that server as a back out plan.

    The last bit is interesting because its talking about the ticket expiring.  Where does the ticket come from?  Are the clock on the servers in sync?



    Regards, Savoeurn Va Microsoft Online Community Support

    Thursday, February 16, 2012 3:04 AM
  • Thanks Savoeurn,

    The clocks seem to be synched. AntiVirus locking the dll is interesting and something I'll look into.

    By 'repair the Sharepoint bits', I assume to you mean to rerun the Products and Technology Wizard?

    The error has occurred twice this morning. I've been lookin through the IIS logs, trying to triangulate the issue.

    I submitted a bit of the log that seems interesting. from around the time of one of the failures. Trying to get my head around it. The 443 are an https redirect that has been in use since the site's creation. It's all returning successful 200's. The /_layouts/1033/styles/core.css file is listed here, which is one of the things missing from the login.aspx page that's served: no bg images or layout. Might be red herrings...?

    • Edited by scogordo Thursday, February 16, 2012 3:15 PM
    Thursday, February 16, 2012 3:03 PM
  • 2012-02-16 14:44:16 SPSiteBackupFolder 10.10.0.10 GET /_layouts/login.aspx ReturnUrl=%2fsite%2fdocLib%2fForms%2fAllItems.aspx 443 - 1P.IND.OM.AIN Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.1;+Trident/4.0;+GTB7.2;+.NET+CLR+2.0.50727;+InfoPath.1;+.NET+CLR+3.5.30729) 200 0 0 9275 656 11515
    2012-02-16 14:44:18 SPSiteBackupFolder 10.10.0.10 GET /_layouts/1033/styles/core.css rev=5msmprmeONfN6lJ3wtbAlA%3D%3D 443 - 1P.IND.OM.AIN Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.1;+Trident/4.0;+GTB7.2;+.NET+CLR+2.0.50727;+InfoPath.1;+.NET+CLR+3.5.30729) 200 0 0 6843 472 62
    2012-02-16 14:44:18 SPSiteBackupFolder 10.10.0.10 GET /WebResource.axd d=iEb9IsgEs9ZeydO4I7jPEQ2&t=633926416795501250 443 - 1P.IND.OM.AIN Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.1;+Trident/4.0;+GTB7.2;+.NET+CLR+2.0.50727;+InfoPath.1;+.NET+CLR+3.5.30729) 200 0 0 1363 472 0
    2012-02-16 14:44:18 SPSiteBackupFolder 10.10.0.10 GET /WebResource.axd d=-5hgx5xaqk4Aif-cCZNNJQ2&t=633926416795501250 443 - 1P.IND.OM.AIN Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.1;+Trident/4.0;+GTB7.2;+.NET+CLR+2.0.50727;+InfoPath.1;+.NET+CLR+3.5.30729) 200 0 0 5744 472 93
    2012-02-16 14:44:18 SPSiteBackupFolder 10.10.0.10 GET /_layouts/1033/core.js rev=CNBZRdV1h3pKuA7LsMXf3w%3D%3D 443 - 1P.IND.OM.AIN Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.1;+Trident/4.0;+GTB7.2;+.NET+CLR+2.0.50727;+InfoPath.1;+.NET+CLR+3.5.30729) 200 0 0 6840 464 31
    2012-02-16 14:44:18 SPSiteBackupFolder 10.10.0.10 GET /_layouts/1033/init.js rev=qX%2BG3yl4pldKy9KbPLXf9w%3D%3D 443 - 1P.IND.OM.AIN Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.1;+Trident/4.0;+GTB7.2;+.NET+CLR+2.0.50727;+InfoPath.1;+.NET+CLR+3.5.30729) 200 0 0 6842 466 437
    2012-02-16 14:44:18 SPSiteBackupFolder 10.10.0.10 GET /_layouts/login.aspx ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252f&Source=%2f 443 - 10.22.30.254 - 200 0 0 8233 144 281
    2012-02-16 14:44:18 SPSiteBackupFolder 10.10.0.10 GET /_layouts/login.aspx ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252f&Source=%2f 443 - 10.22.254.254 - 200 0 0 8233 144 15
    2012-02-16 14:44:20 SPSiteBackupFolder 10.10.0.10 GET /_layouts/images/helpicon.gif - 443 - 1P.IND.OM.AIN Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.1;+Trident/4.0;+GTB7.2;+.NET+CLR+2.0.50727;+InfoPath.1;+.NET+CLR+3.5.30729) 200 0 0 1308 438 0
    2012-02-16 14:44:20 SPSiteBackupFolder 10.10.0.10 GET /_layouts/images/titlegraphic.gif - 443 - 1P.IND.OM.AIN Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.1;+Trident/4.0;+GTB7.2;+.NET+CLR+2.0.50727;+InfoPath.1;+.NET+CLR+3.5.30729) 200 0 0 2182 442 0
    2012-02-16 14:44:20 SPSiteBackupFolder 10.10.0.10 GET /_layouts/images/blank.gif - 443 - 1P.IND.OM.AIN Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.1;+Trident/4.0;+GTB7.2;+.NET+CLR+2.0.50727;+InfoPath.1;+.NET+CLR+3.5.30729) 200 0 0 324 435 0
    2012-02-16 14:44:21 SPSiteBackupFolder 10.10.0.10 GET /favicon.ico - 443 - 1P.IND.OM.AIN Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.1;+Trident/4.0;+GTB7.2;+.NET+CLR+2.0.50727;+InfoPath.1;+.NET+CLR+3.5.30729) 200 0 0 274 268 1093
    • Edited by scogordo Thursday, February 16, 2012 3:08 PM
    Thursday, February 16, 2012 3:04 PM
  • Talked it over with a couple of the network guys, and AntiVirus seems to be the consensus. Will take a couple days until we get the okay to do some testing. Fingers crossed. Thanks again.
    • Edited by scogordo Thursday, February 16, 2012 5:23 PM
    Thursday, February 16, 2012 5:22 PM
  • Excluded the DLL directory from the AntiVirus scan on Tuesday, but error still occurring. (Edit: sorry, just reread the document you linked, going to speak to the AV guys about excluding the other directories outlined in the article.)

    By 'repair the Sharepoint bits', I assume to you mean to rerun the Products and Technology Wizard?

    Thanks again, all, for looking at this. Any other suggestions greatly appreciated.

    Scott


    • Edited by scogordo Thursday, February 23, 2012 5:15 PM
    Thursday, February 23, 2012 4:41 PM
  • Update: 

    All recommended exclusions in http://support.microsoft.com/kb/952167 for SharePoint Services 3.0 and SharePoint 2007 were added to Centralized Exceptions last week, but still not fixed. External FBA users are unable to log in at least once a day, when web.config is overwritten and iisreset is run to fix.

    Wednesday, February 29, 2012 4:12 PM
  • Problem has been occurring less frequently until this morning, when it went down and wouldn't come back up after web.config restore and iisreset. External users are unable to log in.

    Troubleshooting recommendations much, much appreciated.

    Thanks,

    Scott


    • Edited by scogordo Wednesday, March 21, 2012 4:30 PM
    Tuesday, March 20, 2012 2:38 PM
  • Hi,

    Since your normal method of "fixing" it isn't working.  Can you check to see if the FBA authentication source is reachable by the server?  If you check the <membership> <providers> element in the web.config you might be able to see which server it is attempting to contact.  Try doing a manual connection to this server when this issue is occurring. This should help you rule out a connectivity problem during this time frame.

    Also can you check to see if there are any solution deployments that are stuck or errored out? If they are in error or stuck state, it could explain why the web.config is getting changed.


    You may want to consider opening a support ticket to have a support engineer look at this in greater detail to see why it is behaving this way.


    Regards, Savoeurn Va Microsoft Online Community Support

    Thursday, March 22, 2012 8:49 PM
  • We opened a ticket with MS Support on Tuesday. It has been up and down since then, now down.
    Friday, March 23, 2012 1:35 PM