locked
IIS Admin Service won't start RRS feed

  • Question

  • Server 2012 R2 Datacenter, dedicated SCCM (1710) server. As of this morning the IIS Admin Service will not start and now I cannot use SCCM to build machines (it worked yesterday). Most of the applications are missing when you go to Start\Programs......almost as if the GUI is messed up. It is the same for anyone who logs in. No updates have been applied. The error is "Windows could not start the IIS Admin Service on Local Computer. For more information, review the System Event Log. If this is a non-Microsoft service, contact the service vendor, and refer to service-specific error code -2146893818".

    The System Event Log says "The IIS Admin Service service terminated with the following service-specific error:
    Invalid Signature"

    I have rebooted.

    Is uninstalling\re-installing IIS (and WSUS, etc. because this is a WDS server) my only option?

    I've read that you can restore the contents of the Machine Key (C:\ProgramData\Application Data\Microsoft\Crypto\RSA\MachineKeys), but do I just delete what is in there and restore from a backup of 2 days ago? Or do I need to "regenerate" them? I've read different things and am not clear.

    https://social.technet.microsoft.com/Forums/en-US/64252410-2f8c-49bc-9847-76a67ce03460/machine-keys?forum=winserversecurity

    Tuesday, May 29, 2018 2:32 PM

Answers

  • I burned a call with MS (we have 3 free calls covered by our MPSA that we can use each year). The issue turned out to be a corrupted SCCM certificate. The tech recreated it and all is well.
    • Marked as answer by Jack Leidu Thursday, May 31, 2018 1:39 PM
    Thursday, May 31, 2018 1:39 PM

All replies

  • You've got much bigger, non-ConfigMgr related issues here so posting in a Windows Server forum will probably serve you better.

    I generally would never delete anything from that folder though. 

    Based on http://findnerd.com/list/view/How-to-resolve-error-Could-not-start-the-IIS-Admin-Service---error-code--2146893818/4269/, I would try removing and re-adding the IIS Metabase compat feature first.


    Jason | https://home.configmgrftw.com | @jasonsandys

    • Marked as answer by Jack Leidu Tuesday, May 29, 2018 4:22 PM
    • Unmarked as answer by Jack Leidu Tuesday, May 29, 2018 6:39 PM
    Tuesday, May 29, 2018 3:10 PM
  • I used option 3 in the URL you provided. That fixed the IIS issue, however SCCM is still broken......I actually think there is something wrong with the OS. Server Manager is missing options from the Tools drop down, etc. I will see what I can glean on the Windows Server forum.
    Tuesday, May 29, 2018 4:24 PM
  • 1) Option 3 on the URL you sent resolved the IIS issue
    2) sfc /scannow found and resolved issues, this cleared some issues I had with Server Manager.

    I am still unable to PXE boot my machines. I hit F12, then do it again and it immediately comes back with the following (this is actually the error I got that led me to the IIS Admin Service issue):

    Recovery

    Your PC needs to be repaired

    The Windows Boot Configuration Data (BCD) file from the PXE server does not contain a valid operating system entry. Ensure that the server has boot images installed for the architecture.

    File:\Tmp\x86x64{CD507690-3984-4949-A266-B17FC099EBEF}.bcd

    Error code: 0xc0000098

    I have uninstalled and re-installed WDS (per an article I found), updated the boot image (per an article I found), to no avail. This server was not recently patched, it just stopped working over night. In the Application Event log I see the following, it started the day the issues started.

    "component SMS_MP_CONTROL_MANAGER on computer "my_sccm_server" reported:  MP Control Manager detected management point is not responding to HTTP requests.  The HTTP status code and text is 500, Internal Server Error."

    We only use SCCM to build our machines. I have no idea if the above error is the root cause. I will update the post with what I find. I have followed the instructions on this site (including updating my distribution point), but it did not help:

    http://gerryhampsoncm.blogspot.com/2013/02/sccm-2012-task-sequence-fails-with-bcd.html

    • Edited by Jack Leidu Tuesday, May 29, 2018 7:38 PM
    Tuesday, May 29, 2018 7:28 PM
  • Your MP failure isn't the root cause but is another symptom of whatever the root cause is.

    As a sanity check, make sure that you have plenty of free disk space.

    Have you reviewed the app pools in IIS to make sure that they are running?


    Jason | https://home.configmgrftw.com | @jasonsandys

    Tuesday, May 29, 2018 8:39 PM
  • The server has plenty of free space and all of the IIS app pools are in a Started status. No idea what the heck happened to this server. We have 3 free calls with MS, I may need to burn one for this issue. What's odd is that when you go to Apps you don't see System Center and stuff like that. They are in Programs and Features. Whatever took place really hosed this server.
    Tuesday, May 29, 2018 8:50 PM
  • A site restore may be the best path here.

    Make sure that you have a good ConfigMgr backup including the DB, cd.latest, your source files, the content library, custom reports, the WSUS DB, and your configuration.mof file.



    Jason | https://home.configmgrftw.com | @jasonsandys

    Tuesday, May 29, 2018 9:07 PM
  • I burned a call with MS (we have 3 free calls covered by our MPSA that we can use each year). The issue turned out to be a corrupted SCCM certificate. The tech recreated it and all is well.
    • Marked as answer by Jack Leidu Thursday, May 31, 2018 1:39 PM
    Thursday, May 31, 2018 1:39 PM
  • Can you be more specific here as to exactly which cert?

    Jason | https://home.configmgrftw.com | @jasonsandys

    Thursday, May 31, 2018 2:21 PM
  • Here are the resolution notes from the case:

    Resolution:

    -- Created a new DP cert in the DP properties.

    -- Assigned new expiry date.

    -- Checked in certificates new DP cert unblocked.

    -- Restarted SMSEXEC and SMS_COMPONENT_MANAGER services.

    -- PXE boot successful.

    Also I am sharing some article links and value ads with you for future references:

    https://blogs.technet.microsoft.com/volkancoskun/2015/08/06/osd-pxe-step-by-step/

    https://docs.microsoft.com/en-us/sccm/osd/deploy-use/use-pxe-to-deploy-windows-over-the-network

    https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2011/10/14/troubleshooting-the-pxe-service-point-and-wds-in-configuration-manager-2007/

    Thursday, May 31, 2018 2:22 PM
  • Hi, we experienced similar issues a month apart on two different servers and found that something had erased several folders from the ProgramData folder causing certificate issues with IIS, SQL for SCCM, the Start Menu, and profile generation for admin logons. The work-arounds posted here will repair some of these issues, but a restore of ProgramData is the real fix. The question we have yet to answer is what erased the data, the only common thing we have found so far is the use of the SCCM Image Creation Tool, and some common Admins. Would be interested to hear if anyone else can find the cause.
    Friday, July 27, 2018 6:25 AM
  • We experienced this issue last week on a Windows Server 2012 with SCCM 1710. We did a full restore of the server to get it working again. I was using Windows System Image Manager a few hours before the issue occured.
    • Edited by chchris Monday, July 30, 2018 9:52 AM
    Monday, July 30, 2018 9:52 AM
  • Keep in mind that a full system restore is not a supported method to restore ConfigMgr mainly because of database consistency.

    Jason | https://home.configmgrftw.com | @jasonsandys

    Monday, July 30, 2018 2:22 PM
  • In our case WSIM (Windows System Image Manager) is the culprit. If an image is mounted to the users temp folder and the user logs off, a lot of data in C:\ProgramData gets deleted. I am still working with Microsoft Support to get this bug resolved.
    Thursday, September 20, 2018 10:55 AM
  • I have had a very similar experience, do you have anything more from Microsoft on this, if so can you please share it.
    Wednesday, November 7, 2018 10:26 PM
  • Microsoft is working hard on this support case, so far they did not find the root cause.

    Steps to reproduce in our case:
    - Take a snapshot
    - Connect to the server via RDP
    - Mount a vanilla Windows WIM (eg 1709 Enterprise) to the users temp folder with dism
    - Sign out from the RDP session

    If the RDP Host runs with default settings the temp directory will be cleared at logoff. This process takes a long time and will render the server unusable, deleting almost everything from C:\ProgramData.

    Microsoft is not able to reproduce this, we can reproduce it on different 2012 R2 Servers.

    Tuesday, December 4, 2018 1:08 PM
  • Microsoft is now able to reproduce the issue. When mounting the Windows WIM to the users temp folder Junction Points are used. During the logoff of the user the temp folder is deleted and because of the Junction Points this affects the "real" locations too (e.g. C:\ProgramData).

    MS: The Request for Hotfix has now been assigned to a developer who will work on it. We are now waiting for his inputs. He will let us know if a fix will be done and if so, when we can expect it.

    Thursday, February 7, 2019 7:46 AM
  • According to Microsoft there will be a fix for 2016 and 2019, not for older OS.
    Monday, February 18, 2019 11:55 AM