none
MIM 2016 Portal SharePoint 2016 - Microsoft.IdentityManagement.WebUI.Controls.ServerDownException: Error connecting to server RRS feed

  • Question

  • Hi,

    I have installed MIM 2016 Portal on SharePoint 2016 portal with all the pre-reqs - kerberos, compat mode 15, etc. The installer ran through fine, with a warning that the MIM Service server could not be contacted. The firewall on the service server is off but all forefront incoming rules, including ports 5724-26 are enabled. On both the service server and the portal server, I can reach the webservers (:5725). Once the installer is done, I get an error on the SharePoint page for the identitymanagement site:

    Getting Error Message for Exception System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> Microsoft.IdentityManagement.WebUI.Controls.ServerDownException: Error connecting to server ---> System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service. ---> System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed. 

    Any idea why this is?

    Thanks!

    Thursday, February 16, 2017 10:41 PM

All replies

  • Hello Gurdip,

    The error that you are facing is "The caller was not authenticated by the service" - it seems that your account that you are using to access FIMService/FIMPortal is not the same as the account used to install those services.

    At the creation, only the installer has his account init to connect in FIM Portal with the attribute Domain, AccountName and Resource SID, which is the one from your AD.
    This way, only the installer can access site.

    Check also the permission site at http://localhost/IdentityManagement/_layouts/user.aspx to view if the installer account has Full Control privilege.
    You can also had the NT Authority\Authenticated Users group as Contributor to authorize connection for all Authenticated users.


    If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.


    Friday, February 17, 2017 8:25 AM
  • Hello Gurdip,

    The error that you are facing is "The caller was not authenticated by the service" - it seems that your account that you are using to access FIMService/FIMPortal is not the same as the account used to install those services.

    At the creation, only the installer has his account init to connect in FIM Portal with the attribute Domain, AccountName and Resource SID, which is the one from your AD.
    This way, only the installer can access site.

    Check also the permission site at http://localhost/IdentityManagement/_layouts/user.aspx to view if the installer account has Full Control privilege.
    You can also had the NT Authority\Authenticated Users group as Contributor to authorize connection for all Authenticated users.


    If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.


    I checked that page and the user which installed the account wasn't in there. I've added that with full control.

    I did select add all authenticated users during the installation.

    Friday, February 17, 2017 2:33 PM