locked
HttpWebRequest_WebException_RemoteServer error when opening MDS Explorer. RRS feed

  • Question

  • I have recently installed SQL 2012 with MDS, added MDS DB and Website.

    I can get into the website without problems and browse around it most of it, except when I click Explorer, the error in the image below appears, and when I click OK to that one, the same error pops up again and no more after that and the interface comes up fine, but does not display the expected data as it shows up here:

    http://blogs.msdn.com/b/jason_howell/archive/2011/12/15/deploying-mds-samples-in-sql-server-2012.aspx

     

    I have checked my Authentication settings, and Windows Auth is enabled for the site and for tServices folder and so is Anonymous on Services folder.

    The error happens both on the machine itself and from a client machine.

    My machine is a 2008 Web Server x64 2008 R2 Sp1

     

     

     


    --ACG
    • Edited by ACG Friday, January 13, 2012 11:22 PM
    Friday, January 13, 2012 9:40 PM

Answers

  • With Arunjeet's help I was able to fix the issue with the following changes.

    1: In MDS Web.config set, changed policyEnforcement to: WhenSupported

    	  <bindings>
    		  <wsHttpBinding>
    			  <binding name="mdsWsHttpBinding" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
    				  <readerQuotas maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647"/>
    				  <!--Non-SSL implementations.-->
    				  <security mode="Message">
    					  <message clientCredentialType="Windows"/>
    					  <transport clientCredentialType="Windows">
    						  <strong><extendedProtectionPolicy policyEnforcement="WhenSupported" /></strong>
    					  </transport>
    				  </security>
    			  </binding>
    		  </wsHttpBinding>
    		  <basicHttpBinding>
    			  <binding name="mdsBasicHttpBinding" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
    				  <readerQuotas maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647"/>
    				  <!-- Non-SSL implementations.-->
    				  <security mode="TransportCredentialOnly">
    					  <transport clientCredentialType="Windows">
    						  <strong><extendedProtectionPolicy policyEnforcement="WhenSupported" /></strong>
    					  </transport>
    				  </security>				 
    			  </binding>
    		  </basicHttpBinding>
    	  </bindings>	

    2: Set applicationHost.config to the following:

       <location path="Default Web Site/<your mds webapp>">
            <system.webServer>
                <security>
                    <authentication>
                        <digestAuthentication enabled="false" />
                        <basicAuthentication enabled="false" />
                        <anonymousAuthentication enabled="true" />
                        <windowsAuthentication enabled="true" useKernelMode="true">
                            <extendedProtection tokenChecking="Allow" />
                        </windowsAuthentication>
                    </authentication>
                </security>
            </system.webServer>
        </location>
        <location path="Default Web Site/<your mds webapp>/Service">
            <system.webServer>
                <security>
                    <authentication>
                        <basicAuthentication enabled="false" />
                        <anonymousAuthentication enabled="true" />
                        <windowsAuthentication enabled="true" />
                    </authentication>
                </security>
            </system.webServer>
        </location>


    3: In IIS interface, set Default WebSite Windows Auth Advanced Settings- Extended Protection to Accept and Enable Anonymous Auth --- and the same for your WebApp and Service.

    Things are now working nicely and no more error messages.

    But it is odd that this had to be done. I would have expected the installation to just set this up correctly.

     

    In any event thanks Arunjeet!!

     


    --ACG


    • Marked as answer by ACG Monday, January 23, 2012 9:21 PM
    • Edited by ACG Monday, January 23, 2012 9:45 PM
    Monday, January 23, 2012 9:11 PM

All replies

  • Hi ACG

    Could you put up your web.config file so I can have a look at your service endpoints. Also, have to tried accessing models using the Excel client?

    Regards

    Arun


    Arunjeet Singh (Microsoft SQL Server Master Data Services)
    Saturday, January 14, 2012 3:48 AM
  • Thanks, I will send you the web config when back to work tomorrow, but I do recall checking the endpoints and I believe they are correct. Also, haven't tried with excel, waiting for IT to install it.
    --ACG
    Monday, January 16, 2012 5:57 PM
  • Hi Arunjeet,

     

    Here are the config endpoint settings from the config file:

     <services>
          <service behaviorConfiguration="mdsWsHttpBehavior" name="Microsoft.MasterDataServices.Services.Service">
            <endpoint binding="wsHttpBinding" bindingConfiguration="mdsWsHttpBinding"
              bindingNamespace="http://schemas.microsoft.com/sqlserver/masterdataservices/2009/09"
              contract="Microsoft.MasterDataServices.Services.ServiceContracts.IService" />
            <endpoint address="bhb" binding="basicHttpBinding" bindingConfiguration="mdsBasicHttpBinding"
              bindingNamespace="http://schemas.microsoft.com/sqlserver/masterdataservices/2009/09"
              contract="Microsoft.MasterDataServices.Services.ServiceContracts.IService" />
          </service>
          <service behaviorConfiguration="mdsWsHttpBehavior" name="MDS1">
            <endpoint binding="wsHttpBinding" bindingConfiguration="mdsWsHttpBinding"
              bindingNamespace="http://schemas.microsoft.com/sqlserver/masterdataservices/2009/09"
              contract="Microsoft.MasterDataServices.Services.ServiceContracts.IService" />
            <endpoint address="bhb" binding="basicHttpBinding" bindingConfiguration="mdsBasicHttpBinding"
              bindingNamespace="http://schemas.microsoft.com/sqlserver/masterdataservices/2009/09"
              contract="Microsoft.MasterDataServices.Services.ServiceContracts.IService" />
          </service>
        </services>
    



    --ACG
    Tuesday, January 17, 2012 4:16 PM
  • Hi

    The endpoints look okay to me. Another thing worth trying is to install a web debugging tool like Fiddler (http://www.fiddler2.com) and look at the actual requests that go from the UI to the server. I can probably help you do that. Can you please contact me via MSN messenger on arunjeet.singh@live.com or propose another messaging tool that you prefer? I get the feeling this will go much faster if we can just talk through it. I also might be able to help you with other questions that you have.

    Arun


    Arunjeet Singh (Microsoft SQL Server Master Data Services)
    Thursday, January 19, 2012 7:55 PM
  • With Arunjeet's help I was able to fix the issue with the following changes.

    1: In MDS Web.config set, changed policyEnforcement to: WhenSupported

    	  <bindings>
    		  <wsHttpBinding>
    			  <binding name="mdsWsHttpBinding" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
    				  <readerQuotas maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647"/>
    				  <!--Non-SSL implementations.-->
    				  <security mode="Message">
    					  <message clientCredentialType="Windows"/>
    					  <transport clientCredentialType="Windows">
    						  <strong><extendedProtectionPolicy policyEnforcement="WhenSupported" /></strong>
    					  </transport>
    				  </security>
    			  </binding>
    		  </wsHttpBinding>
    		  <basicHttpBinding>
    			  <binding name="mdsBasicHttpBinding" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
    				  <readerQuotas maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647"/>
    				  <!-- Non-SSL implementations.-->
    				  <security mode="TransportCredentialOnly">
    					  <transport clientCredentialType="Windows">
    						  <strong><extendedProtectionPolicy policyEnforcement="WhenSupported" /></strong>
    					  </transport>
    				  </security>				 
    			  </binding>
    		  </basicHttpBinding>
    	  </bindings>	

    2: Set applicationHost.config to the following:

       <location path="Default Web Site/<your mds webapp>">
            <system.webServer>
                <security>
                    <authentication>
                        <digestAuthentication enabled="false" />
                        <basicAuthentication enabled="false" />
                        <anonymousAuthentication enabled="true" />
                        <windowsAuthentication enabled="true" useKernelMode="true">
                            <extendedProtection tokenChecking="Allow" />
                        </windowsAuthentication>
                    </authentication>
                </security>
            </system.webServer>
        </location>
        <location path="Default Web Site/<your mds webapp>/Service">
            <system.webServer>
                <security>
                    <authentication>
                        <basicAuthentication enabled="false" />
                        <anonymousAuthentication enabled="true" />
                        <windowsAuthentication enabled="true" />
                    </authentication>
                </security>
            </system.webServer>
        </location>


    3: In IIS interface, set Default WebSite Windows Auth Advanced Settings- Extended Protection to Accept and Enable Anonymous Auth --- and the same for your WebApp and Service.

    Things are now working nicely and no more error messages.

    But it is odd that this had to be done. I would have expected the installation to just set this up correctly.

     

    In any event thanks Arunjeet!!

     


    --ACG


    • Marked as answer by ACG Monday, January 23, 2012 9:21 PM
    • Edited by ACG Monday, January 23, 2012 9:45 PM
    Monday, January 23, 2012 9:11 PM
  • Hi,

    I have created a clean installation with Windows 7 Ultimate and SQL Server 2012 RC0 for a session at the Microsoft Techdays, and I get the same error as described in the first entry of this thread. I followed the steps described, but it still does not work...

    This is what I did:

    • Adjusted C:\Program Files\Microsoft SQL Server\110\Master Data Services\WebApplication\Web.config.
    • Adjusted C:\Windows\System32\inetsrv\config\applicationHost.config (actually all settings were okay already as they reflect the settings in the IIS user interface).
    • Within IIS I have set the following properties for the "Default Web Site" and "Techdays" (my MDS application) node:
      - Authentication (Enabled "Anonymous Authentication" and "Windows Authentication")
      - Edited the Advanced Settings of "Windows Authentication" by setting Extended Protection to "Accept" and checking "Enable Kernel-mode authentication" (it was already checked).

    Now when I start my MDS website http://localhost/Techdays I get the error message "Access is Denied". When I disable "Anonymous Authentication" I can open de MDS website but then I still get the same error when opening the Explorer? This problem did not arise in the Denali release...

    How can I solve this problem?

    Any help here is really appreciated.

    Regards,

    Johan Machielse

    Tuesday, January 31, 2012 9:33 PM
  • Hi Johan

    I would not recommend installing MDS (even for a demo) on Windows 7 because I'm not sure it is a supported scenario. Also note that ACG above only needed to do what he did because in his environment Extended Protection was already turned on. By default, this setting is Off and the out of box installation works great with that.

    Regards

    Arun


    Arunjeet Singh (Microsoft SQL Server Master Data Services)
    Tuesday, January 31, 2012 10:58 PM
  • Hi Arun,

    Thank your for your quick answer, but I tried exactly the same steps on Windows 2008 R2 and unfortunately I am still getting the same "Access is Denied" error... (that's why I tried to do it on a Windows 7 Ultimate machine (also supported by SS2012 according the documentation), but that did not work out).

    The following thing is also very strange: When I open the MDS Manager I get the error "An unexpected error occurred, the server could not be contacted.". Is there also a solution for this one?

    So, here is a snippet of the applicationHost.config file and whole the web.config.

    Could this "Access is Denied" error be caused by a particular IIS setting that I have to set (right now, I did not touch anything, only the points mentioned in the above post)? Are there any permissions I have to set on folders? 

    I hope you can help me out here.

    applicationHost.config

    <location path="Default Web Site/Techdays">
            <system.webServer>
                <security>
                    <authentication>
                        <digestAuthentication enabled="false" />
                        <basicAuthentication enabled="false" />
                        <anonymousAuthentication enabled="true" />
                        <windowsAuthentication enabled="true" useKernelMode="true">
                            <extendedProtection tokenChecking="Allow" />
                        </windowsAuthentication>               
                    </authentication>
                </security>
            </system.webServer>
        </location>
        <location path="Default Web Site/Techdays/Service">
            <system.webServer>
                <security>
                    <authentication>
                        <basicAuthentication enabled="false" />
                        <anonymousAuthentication enabled="true" />
                        <windowsAuthentication enabled="true" />
                    </authentication>
                </security>
            </system.webServer>
        </location>
        <location path="Default Web Site">
            <system.webServer>
                <security>
                    <authentication>
                        <windowsAuthentication enabled="true" useKernelMode="true">
                            <extendedProtection tokenChecking="Allow" />
                        </windowsAuthentication>
                    </authentication>
                </security>
            </system.webServer>
        </location>

    Web.Config

    <configuration>
      <configSections>
        <section name="masterDataServices" type="Microsoft.MasterDataServices.Core.Configuration.MdsConfigurationSectionGroup, Microsoft.MasterDataServices.Core, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" requirePermission="false" allowDefinition="Everywhere"/>
      </configSections>
      <!-- Example of assigning databases to different MDS service instances: 
      <masterDataServices>
          <instance siteName="Default Web Site" virtualPath="MDS" connectionName="connection1" serviceName="MDS1" />
          <instance siteName="Site2" virtualPath="folder1/folder2/MDS2" connectionName="connection2" serviceName="MDS2" />
      </masterDataServices>
      <connectionStrings>
        <add name="defaultMdsConnection" connectionString="Data Source=(local);Initial Catalog=defaultDb;Integrated Security=True;Connect Timeout=3600"/>
        <add name="connection1" connectionString="Data Source=(local);Initial Catalog=db1;Integrated Security=True;Connect Timeout=3600"/>
        <add name="connection2" connectionString="Data Source=(local);Initial Catalog=db2;Integrated Security=True;Connect Timeout=3600"/>
      </connectionStrings>
      -->
      <masterDataServices>
     <instance siteName="Default Web Site" virtualPath="Techdays" connectionName="Techdays_Connection" serviceName="MDS1" />
      </masterDataServices>
      <connectionStrings>
     <add name="Techdays_Connection" connectionString="Data Source=(local);Initial Catalog=Techdays;Integrated Security=True;Connect Timeout=3600"/>
      </connectionStrings>
      <system.web>
        <!--The location of the temporary ASP.NET compilation directory will be filled in by the Configuration Manager.-->
        <!--The temporary directory for compilation will reside at the root of the Master Data Services install path.-->
        <compilation debug="false" tempDirectory="" targetFramework="4.0">
          <assemblies>
            <add assembly="Microsoft.MasterDataServices.WebUI, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91"/>
            <add assembly="Microsoft.MasterDataServices.Common, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91"/>
            <add assembly="Microsoft.MasterDataServices.Wizard, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91"/>
            <add assembly="Microsoft.MasterDataServices.Wizard.Deployment, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91"/>
            <add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
          </assemblies>
        </compilation>
        <customErrors mode="RemoteOnly" defaultRedirect="~/Error.aspx"/>
        <identity impersonate="false"/>
        <authentication mode="Windows"/>
        <httpRuntime maxRequestLength="100000" useFullyQualifiedRedirectUrl="true" executionTimeout="300"/>
        <pages buffer="true" enableSessionState="true" enableViewStateMac="true" validateRequest="true" enableEventValidation="true" controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID">
          <controls>
            <add tagPrefix="sc" namespace="Microsoft.MasterDataServices.WebUI.ServerControls" assembly="Microsoft.MasterDataServices.WebUI.ServerControls, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91"/>
            <add tagPrefix="act" namespace="Microsoft.MasterDataServices.WebUI.AjaxControlToolkit" assembly="Microsoft.MasterDataServices.WebUI.AjaxControlToolkit, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91"/>
          </controls>
        </pages>
        <globalization culture="auto" enableClientBasedCulture="true" uiCulture="auto"/>
      </system.web>
      <startup>
        <supportedRuntime version="v2.0.50727" safemode="true"/>
        <requiredRuntime version="v2.0.50727" safemode="true"/>
      </startup>
      <runtime>
        <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
          <dependentAssembly>
            <assemblyIdentity name="Microsoft.VisualBasic.Compatibility" publicKeyToken="b03f5f7f11d50a3a" culture="neutral"/>
            <bindingRedirect oldVersion="7.0.3300.0" newVersion="7.0.5000.0"/>
          </dependentAssembly>
        </assemblyBinding>
      </runtime>
      <system.codedom>
        <compilers>
          <compiler language="c#;cs;csharp" extension=".cs" compilerOptions="/warnaserror-" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
            <providerOption name="CompilerVersion" value="v4.0"/>
          </compiler>
          <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" compilerOptions="/optioninfer+" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
            <providerOption name="CompilerVersion" value="v4.0"/>
          </compiler>
        </compilers>
      </system.codedom>
      <system.web.extensions>
        <scripting>
          <webServices>
            <!--
                Uncomment this section to enable the authentication service. Include requireSSL="true" if appropriate.
                <authenticationService enabled="true" requireSSL = "true|false"/>
            -->
            <!--
                Uncomment these lines to enable the profile service, and to choose
                the profile properties that can be retrieved and modified in ASP.NET AJAX applications.

                <profileService enabled="true" readAccessProperties="propertyname1,propertyname2" writeAccessProperties="propertyname1,propertyname2" />
            -->
            <!--
                Uncomment this section to enable the role service.
                <roleService enabled="true"/>
            -->
            <jsonSerialization maxJsonLength="50000">
              <converters>
                <!--
                <add name="DataSetConverter" type="Microsoft.Web.Preview.Script.Serialization.Converters.DataSetConverter, Microsoft.Web.Preview"/>
                <add name="DataRowConverter" type="Microsoft.Web.Preview.Script.Serialization.Converters.DataRowConverter, Microsoft.Web.Preview"/>
                <add name="DataTableConverter" type="Microsoft.Web.Preview.Script.Serialization.Converters.DataTableConverter, Microsoft.Web.Preview"/>
                -->
              </converters>
            </jsonSerialization>
          </webServices>
        </scripting>
      </system.web.extensions>
      <!--
            The system.webServer section is required for running ASP.NET AJAX under Internet
            Information Services 7.0. It is not necessary for previous version of IIS.
        -->
      <system.webServer>
        <security>
          <requestFiltering>
            <requestLimits maxAllowedContentLength="100000000"/>
          </requestFiltering>
          <!--<authorization>
            <add accessType="Allow" users="?"/>
          </authorization>-->
        </security>
      </system.webServer>
      <system.serviceModel>
        <behaviors>
          <serviceBehaviors>
            <behavior name="mdsWsHttpBehavior">
              <!-- Enable to allow clients to retrieve metadata (WSDL) about the service endpoints. -->
              <!-- If not using SSL (httpGetEnabled="true" httpsGetEnabled="false") to expose service metadata.-->
              <!-- If SSL is being used (httpGetEnabled="false" httpsGetEnabled="true") to expose service metadata.-->
              <serviceMetadata httpGetEnabled="false" httpsGetEnabled="false"/>
              <!-- Enable to allow clients to see service exception details -->
              <serviceDebug includeExceptionDetailInFaults="false"/>
              <serviceThrottling maxConcurrentSessions="400"/>
              <dataContractSerializer maxItemsInObjectGraph="999999999"/>
            </behavior>
          </serviceBehaviors>
        </behaviors>

        <bindings>
        <wsHttpBinding>
         <binding name="mdsWsHttpBinding" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
          <readerQuotas maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647"/>
          <!--Non-SSL implementations.-->
          <security mode="Message">
           <message clientCredentialType="Windows"/>
           <transport clientCredentialType="Windows">
            <extendedProtectionPolicy policyEnforcement="WhenSupported" />
           </transport>
          </security>
         </binding>
        </wsHttpBinding>
        <basicHttpBinding>
         <binding name="mdsBasicHttpBinding" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
          <readerQuotas maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647"/>
          <!-- Non-SSL implementations.-->
          <security mode="TransportCredentialOnly">
           <transport clientCredentialType="Windows">
            <extendedProtectionPolicy policyEnforcement="WhenSupported" />
           </transport>
          </security>    
         </binding>
        </basicHttpBinding>
       </bindings>

        <services>
          <!-- Example MDS instance-specific service element. The name attribute maps to the serviceName attribute
          on a <masterDataServices>/<instance> element.
          <service behaviorConfiguration="mdsWsHttpBehavior" name="MDS1">
            <endpoint binding="wsHttpBinding" bindingConfiguration="mdsWsHttpBinding"
              contract="Microsoft.MasterDataServices.Services.ServiceContracts.IService" />
          </service>
          -->
          <service behaviorConfiguration="mdsWsHttpBehavior" name="Microsoft.MasterDataServices.Services.Service">
            <endpoint binding="wsHttpBinding" bindingConfiguration="mdsWsHttpBinding" bindingNamespace="http://schemas.microsoft.com/sqlserver/masterdataservices/2009/09" contract="Microsoft.MasterDataServices.Services.ServiceContracts.IService"/>
            <!--Silverlight doesn't support wsHttpBinding-->
            <endpoint address="bhb" binding="basicHttpBinding" bindingConfiguration="mdsBasicHttpBinding" bindingNamespace="http://schemas.microsoft.com/sqlserver/masterdataservices/2009/09" contract="Microsoft.MasterDataServices.Services.ServiceContracts.IService"/>
          </service>
        </services>
      </system.serviceModel>
      <system.diagnostics>
        <sources>
          <!-- Adjust the switch value to control the types of messages that should be logged.
               Use the a switchValue of Verbose to generate a full log. Please be aware that
               the trace file can get quite large very quickly -->
          <source name="MDS" switchType="System.Diagnostics.SourceSwitch" switchValue="Off">
            <listeners>
              <!-- Enable and configure listeners as desired to obtain trace messages. -->

              <!-- Uncomment this listener on to log to a file. Note that the [File Location] (including the []) is a placeholder.
                   Set it to a path where the service account you chose while setting up Master Data Services has read and write privileges -->
              <!--<add name="LogFileListener" type="System.Diagnostics.TextWriterTraceListener" initializeData="[File Location]" traceOutputOptions="DateTime" />-->

              <!-- <add name="EtwListener" type="System.Diagnostics.Eventing.EventProviderTraceListener, System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"
                   initializeData="{F2A341B8-CA5F-49ad-B00C-A82D3FCF948B}"/> -->
              <!-- <remove name="Default"/> -->
            </listeners>
          </source>
        </sources>
        <trace autoflush="true"/>
      </system.diagnostics>
      <appSettings>
        <!--
        The time interval, in minutes, that user information in the MDS database
        should be considered current for an active user. The default is 20 minutes.
        -->
        <add key="MdsMaximumUserInformationCacheInterval" value="20"/>
      </appSettings>
    </configuration>

    Regards,

    Johan Machielse

    Wednesday, February 1, 2012 6:45 AM
  • Hi Johan

    It looks like Anonymous Authentication is enabled for Default Web Site/Techdays and Default Web Site/Techdays/Service. It should only be enabled for Default Web Site/Techdays/Service since the basic http endpoint needs both anonymous and windows authentication available. To remedy this:

    1. Open IIS Manager

    2. Select Default Web Site -> Techdays

    3. Double click Authentication in the center pane

    4. Right-click and disable Anonymous Authentication

    I have a feeling that this might have been your original problem. Since you did not have extended protection turned on in IIS originally your issue was not the same as that of ACG. I am also interested in knowing whether you used the MDS Configuration Manager to set up your web application (Techdays). If you did, this might be a bug because the application should be set up with just Windows Authentication enabled and the /Service folder should have both anonymous and windows authentication enabled. If you did use the MDS Configuration Manager to set up your web application, were there any warnings? What were they?

    I hope this information helps. For the demo I'd advise turning off Extended Protection and going with the defaults unless you feel you really need it.

     

    Regards

    Arun


    Arunjeet Singh (Microsoft SQL Server Master Data Services)
    Wednesday, February 1, 2012 7:00 AM
  • Hi Arun,

    Thank you for the answer!

    I now have the following situation:

    • Default Web Site
      - Extended Protection = "Accept"
      - Enable Kernel-mode authentication = checked
      - Anonymous Authentication = Enabled/Disabled (tried both)
      - Windows Authentication = Enabled
    • Techdays
      - Extended Protection = "Accept"
      - Enable Kernel-mode authentication = checked
      - Anonymous Authentication = Disabled
      - Windows Authentication = Enabled
    • Techdays/Service
      - Extended Protection = "Accept"
      - Enable Kernel-mode authentication = checked|
      - Anonymous Authentication = Enabled
      - Windows Authentication = Enabled

    The "Access is Denied" error is not shown anymore, but I still get the error message when opening the Explorer screen. Any ideas?

    About the Configuration Manager: when I openened it the first time I got the error immediately. After ignoring the error I could create the db and web application, but was not able to connect both by pushing the "Apply" button (also same error). So, somehow I don't have the right permission here (do you also need special permissions on folders)?   

    Thank you in advance.

    Regards,

    Johan Machielse

    Wednesday, February 1, 2012 11:44 AM
  • Hi Johan

    You said:

    "About the Configuration Manager: when I openened it the first time I got the error immediately. After ignoring the error I could create the db and web application, but was not able to connect both by pushing the "Apply" button (also same error). "

    What was this error. Could you send me a screenshot or other details?

    Also, can you enable trace logging on both the MDS Configuration Manager and the web application when you do these steps? Instructions on turning on logging are here:

    http://support.microsoft.com/kb/2423478

    Regards

    Arun


    Arunjeet Singh (Microsoft SQL Server Master Data Services)
    Thursday, February 2, 2012 1:38 AM
  • Hi Arun,

    When opening the Configuration Manager I get the following error: "An unexpected error occurred: The server could not be contacted..".

    I executed the following steps to fill the log file:

    • Opened the Configuration Manager
    • Opened Master Data Manager in IE and selected "Explorer".

    The log file is located on my Skydrive: https://skydrive.live.com/redir.aspx?cid=106c059069def7cf&resid=106C059069DEF7CF!2314&parid=root

    I think the most important messages are:

    DateTime=2012-02-02T06:31:43.4894665Z
    MDS Critical: 0 : Services threw an unhandled exception!
    System.ServiceModel.FaultException: The message with To 'http://win-4bpf2sar5bj/Techdays/Service/Service.svc/bhb' cannot be processed at the receiver, due to an AddressFilter mismatch at the EndpointDispatcher. Check that the sender and receiver's EndpointAddresses agree.
    at System.ServiceModel.Dispatcher.ErrorBehavior.ThrowAndCatch(Exception e, Message message)
    DateTime=2012-02-02T06:31:53.9951685Z
    MDS Critical: 0 : Services threw an unhandled exception!
    System.ServiceModel.FaultException: The message with To 'http://win-4bpf2sar5bj/Techdays/Service/Service.svc/bhb' cannot be processed at the receiver, due to an AddressFilter mismatch at the EndpointDispatcher. Check that the sender and receiver's EndpointAddresses agree.
    at System.ServiceModel.Dispatcher.ErrorBehavior.ThrowAndCatch(Exception e, Message message)
    DateTime=2012-02-02T06:31:53.9961161Z

    Let me know if you have an idea what's going on here.

    Thank you in advance!

    Regards,

    Johan Machielse

     

    Thursday, February 2, 2012 6:42 AM
  • Hi Johan

    I just replied to your contact request. Lets try and debug this over IM and see if we can get anywhere. In the meantime, one thing worth trying (and this might be a total fluke) is to try and access your MDS application using http://win-4bpf2sar5bj/Techdays (win-4bpf2sar5bj appears to be your hostname) instead of http://localhost/Techdays and checking what results you get.

    Regards

    Arun


    Arunjeet Singh (Microsoft SQL Server Master Data Services)
    Friday, February 3, 2012 8:10 PM
  • Hi Johan

    It appears you have run into a bug with SQL Server MDS RC0 that was originally brought up herE: http://social.msdn.microsoft.com/Forums/is/sqldenmds/thread/764ba30b-418a-4f79-9a8d-ce9dd3225a7a. Unfortunately the only workaround seems to be to join the machine to a domain. We have fixed this issue for RTM and it will be part of the next release.

    Regards

    Arun


    Arunjeet Singh (Microsoft SQL Server Master Data Services)

    Tuesday, February 7, 2012 11:18 PM