let me explain.. I have a 4 server farm (2 WFE, 2 APP and not Kerberos active). The two application servers have managed metadata, userprofile and search running. The two WFE only provide webapplication services.
No server provides the windows to security token service. I received a lot of issues in the MySites.
My error log was full of these on the APP Servers. WFE seemed to have issues with the managed metadata webservice:
exception returned from back end service. System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
---> System.ServiceModel.FaultException: ID3242: The security token could not be authenticated or authorized. --- End of inner exception stack trace --- Server stack trace:
at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout) at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message
message, TimeSpan timeout) at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message me...
04/01/2011 20:42:51.00* w3wp.exe (0x130C) 0x0914 SharePoint Server
Taxonomy ca42 Medium ...ssage, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object ins, Object outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at : at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at Microsoft.SharePoint.Taxonomy.IMetadataWebServiceApplication.GetServiceSettings(Guid rawPartitionId) at Microsoft.SharePoint.Taxonomy.MetadataWebServic...
I read "security" and thought it might have something to do with the Windows to Security token service. After activating the Windows to security token Service on the APP Servers everything seems to run smooth.
Does this service have something todo with these errors? Is it required for the managed metadata webservice or did just magic solve this issue ?
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.