none
FIM Password Registration Portal - Error 3008 - Communication Error. RRS feed

  • Question

  •     I am having a problem registering on the Password Registration Portal. I can login and proceed to answer the security questions. When i click next after answering all the questions I get an error on browser

    An error has occurred. Please try again, and if the problem persists, contact your help desk or system administrator. (Error 3008)

    3 events are also logged in the Event Viewer on the Portal Server. (SEE BELOW)

    I am able to connect to the fimservice2 from browser on Portal server using the URLs : http://fimservice2.idmad.lab:5725 and http://fimservice2.idmad.lab:5726. So I think its not network or firewall problem. I have included the relevant information below. Please let me know if you need any more information.

    Environment :

    Windows Server 2012 , FIM 2010 R2 SP1, Sharepoint 2013 Foundation.

    FIM Portal, Password Registration and Reset portals are all on a separate server than FIM Service. FIM Portal is working fine.

    SPNS:

    CN=FIM PWService,OU=FimServiceAccounts,OU=FIMAdmin,OU=FimLab2,DC=idmad,DC=lab

    HTTP/fimreset
    HTTP/fimreset.idmad.lab
    HTTP/fimreg.idmad.lab
    HTTP/fimreg
    -----------
    CN=FIM Service,OU=FimServiceAccounts,OU=FIMAdmin,OU=FimLab2,DC=idmad,DC=lab

    FIMService/fimservice2
    FIMService/fimservice2.idmad.lab
    -----------
    CN=FIM SPPool,OU=FimServiceAccounts,OU=FIMAdmin,OU=FimLab2,DC=idmad,DC=lab

    HTTP/fimportal2
    HTTP/fimportal2.idmad.lab

    Web.config for Password Registration Portal :

      <resourceManagementClient resourceManagementServiceBaseAddress="http://fimservice2.idmad.lab:5725" timeoutInMilliseconds="60000" />

    Microsoft.ResourceManagement.Service.exe.config file :

      <service name="Microsoft.ResourceManagement.WebServices.ResourceManagementService">
            <host>
              <baseAddresses>
                <add baseAddress="http://localhost:5725" />
              </baseAddresses>
            </host>
          </service>
          <service name="Microsoft.ResourceManagement.WebServices.SecurityTokenService">
            <host>
              <baseAddresses>
                <add baseAddress="http://localhost:5726" />
              </baseAddresses>
            </host>
          </service>
        </services>
      </system.serviceModel>
      <resourceManagementClient resourceManagementServiceBaseAddress="fimservice2.idmad.lab" />
      <resourceManagementService externalHostName="fimservice2.idmad.lab" />

    3 events in Event log on the portal server:

    EVENT 1

    Failure to connect to FIM Service
    The web portal failed to connect to the FIM Service.

    Ensure that (1) the FIM Service is running, (2) the FIM Service server address is correct in the web.config file on the web portal, and (3) that network connectivity is available between the web portal and the FIM Service over the designated port.
    Details:
    System.ServiceModel.CommunicationException: An error occurred while receiving the HTTP response to http://fimservice2.idmad.lab:5726/ResourceManagementService/SecurityTokenService/Registration. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
       at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
       --- End of inner exception stack trace ---
       at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
       at System.Net.PooledStream.Read(Byte[] buffer, Int32 offset, Int32 size)
       at System.Net.Connection.SyncRead(HttpWebRequest request, Boolean userRetrievedStream, Boolean probeRead)
       --- End of inner exception stack trace ---
       at System.Net.HttpWebRequest.GetResponse()
       at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
       --- End of inner exception stack trace ---

    Server stack trace:
       at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
       at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
       at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ContextRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

    Exception rethrown at [0]:
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at Microsoft.ResourceManagement.WebServices.WSTrust.ISecurityTokenService.RequestSecurityTokenResponse(Message request)
       at Microsoft.ResourceManagement.WebServices.SecurityTokenServiceClient.RequestSecurityTokenResponse(Message request)
       at Microsoft.ResourceManagement.WebServices.SecurityTokenServiceClient.RequestSecurityTokenResponse(RequestSecurityTokenResponseType request, ClientOptionsHelper clientOptionsHelper, MessageBuffer& messageBuffer)
       at Microsoft.ResourceManagement.WebServices.Client.AuthenticationRequiredException.Authenticate(AuthenticationChallengeResponseType[] authenticationChallengeResponses, MessageBuffer& messageBuffer, ClientOptionsHelper clientOptionsHelper)
       at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.RegistrationProxy.GetNextChallenge(String domain, String username, ChallengeContext gateChallengeResponse, FaultExceptionHandlerDelegate faultExceptionHandler)
    Web Portal: FIM Password Registration Portal
    Session Id: qoind5aknc1xmn55ho033qn0
    IP Address: 10.0.44.44

    EVENT 2

    Microsoft.IdentityManagement.CredentialManagement.Portal: System.Web.HttpUnhandledException: ScriptManager_AsyncPostBackError ---> Microsoft.IdentityManagement.CredentialManagement.Portal.Exceptions.GenericCommunicationException: An error occurred while receiving the HTTP response to http://fimservice2.idmad.lab:5726/ResourceManagementService/SecurityTokenService/Registration. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.ServiceModel.CommunicationException: An error occurred while receiving the HTTP response to http://fimservice2.idmad.lab:5726/ResourceManagementService/SecurityTokenService/Registration. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
       at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
       --- End of inner exception stack trace ---
       at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
       at System.Net.PooledStream.Read(Byte[] buffer, Int32 offset, Int32 size)
       at System.Net.Connection.SyncRead(HttpWebRequest request, Boolean userRetrievedStream, Boolean probeRead)
       --- End of inner exception stack trace ---
       at System.Net.HttpWebRequest.GetResponse()
       at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
       --- End of inner exception stack trace ---

    Server stack trace:
       at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
       at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
       at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ContextRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

    Exception rethrown at [0]:
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at Microsoft.ResourceManagement.WebServices.WSTrust.ISecurityTokenService.RequestSecurityTokenResponse(Message request)
       at Microsoft.ResourceManagement.WebServices.SecurityTokenServiceClient.RequestSecurityTokenResponse(Message request)
       at Microsoft.ResourceManagement.WebServices.SecurityTokenServiceClient.RequestSecurityTokenResponse(RequestSecurityTokenResponseType request, ClientOptionsHelper clientOptionsHelper, MessageBuffer& messageBuffer)
       at Microsoft.ResourceManagement.WebServices.Client.AuthenticationRequiredException.Authenticate(AuthenticationChallengeResponseType[] authenticationChallengeResponses, MessageBuffer& messageBuffer, ClientOptionsHelper clientOptionsHelper)
       at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.RegistrationProxy.GetNextChallenge(String domain, String username, ChallengeContext gateChallengeResponse, FaultExceptionHandlerDelegate faultExceptionHandler)
       --- End of inner exception stack trace ---
       at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.RegistrationProxy.GetNextChallenge(String domain, String username, ChallengeContext gateChallengeResponse, FaultExceptionHandlerDelegate faultExceptionHandler)
       at Microsoft.IdentityManagement.CredentialManagement.Portal.Components.DriverBase.GetNextGate(IGateControl currentGate)
       at Microsoft.IdentityManagement.CredentialManagement.Portal.Registration.Next()
       at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
       at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
       at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
       at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
       --- End of inner exception stack trace ---
       at Microsoft.IdentityManagement.CredentialManagement.Portal.Site.ScriptManager_AsyncPostBackError(Object sender, AsyncPostBackErrorEventArgs eventArgs)
       at System.Web.UI.ScriptManager.OnAsyncPostBackError(AsyncPostBackErrorEventArgs e)
       at System.Web.UI.PageRequestManager.OnPageError(Object sender, EventArgs e)
       at System.Web.UI.TemplateControl.OnError(EventArgs e)
       at System.Web.UI.Page.HandleError(Exception e)
       at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
       at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
       at System.Web.UI.Page.ProcessRequest()
       at System.Web.UI.Page.ProcessRequest(HttpContext context)
       at ASP.default_aspx.ProcessRequest(HttpContext context)
       at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
       at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

    EVENT 3

    The error page was displayed to the user.
    Details:
    Title: Communication Error
    Message: An error has occurred. Please try again, and if the problem persists, contact your help desk or system administrator. (Error 3008)
    Source:
    Attributes:
    Details: Microsoft.IdentityManagement.CredentialManagement.Portal.Exceptions.GenericCommunicationException: An error occurred while receiving the HTTP response to http://fimservice2.idmad.lab:5726/ResourceManagementService/SecurityTokenService/Registration. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.ServiceModel.CommunicationException: An error occurred while receiving the HTTP response to http://fimservice2.idmad.lab:5726/ResourceManagementService/SecurityTokenService/Registration. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
       at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
       --- End of inner exception stack trace ---
       at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
       at System.Net.PooledStream.Read(Byte[] buffer, Int32 offset, Int32 size)
       at System.Net.Connection.SyncRead(HttpWebRequest request, Boolean userRetrievedStream, Boolean probeRead)
       --- End of inner exception stack trace ---
       at System.Net.HttpWebRequest.GetResponse()
       at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
       --- End of inner exception stack trace ---

    Server stack trace:
       at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
       at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
       at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ContextRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

    Exception rethrown at [0]:
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at Microsoft.ResourceManagement.WebServices.WSTrust.ISecurityTokenService.RequestSecurityTokenResponse(Message request)
       at Microsoft.ResourceManagement.WebServices.SecurityTokenServiceClient.RequestSecurityTokenResponse(Message request)
       at Microsoft.ResourceManagement.WebServices.SecurityTokenServiceClient.RequestSecurityTokenResponse(RequestSecurityTokenResponseType request, ClientOptionsHelper clientOptionsHelper, MessageBuffer& messageBuffer)
       at Microsoft.ResourceManagement.WebServices.Client.AuthenticationRequiredException.Authenticate(AuthenticationChallengeResponseType[] authenticationChallengeResponses, MessageBuffer& messageBuffer, ClientOptionsHelper clientOptionsHelper)
       at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.RegistrationProxy.GetNextChallenge(String domain, String username, ChallengeContext gateChallengeResponse, FaultExceptionHandlerDelegate faultExceptionHandler)
       --- End of inner exception stack trace ---
       at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.RegistrationProxy.GetNextChallenge(String domain, String username, ChallengeContext gateChallengeResponse, FaultExceptionHandlerDelegate faultExceptionHandler)
       at Microsoft.IdentityManagement.CredentialManagement.Portal.Components.DriverBase.GetNextGate(IGateControl currentGate)
       at Microsoft.IdentityManagement.CredentialManagement.Portal.Registration.Next()
       at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
       at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
       at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
       at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
    CorrelationId:
    RequestId:
    ErrorCode: 3008
    CaughtTime: 07/10/2013 10:12:55

    Web Portal: FIM Password Registration Portal
    Session Id: qoind5aknc1xmn55ho033qn0
    IP Address: 10.0.44.44

    Wednesday, July 10, 2013 6:09 PM

All replies

  • Any help ???

    Anthony Ho : I am really counting on you ;)

    Thursday, July 11, 2013 5:04 PM
  • Hi Rajet,

    having a quick look at the errors it certainly seems like it is network related.

    Could it be possible that there is a system configuration setting for an internet proxy?

    I have seen this cause problems before.

    Maybe run "netsh winhttp show proxy" to verify if any proxy settings are configured?

    Thursday, July 11, 2013 11:55 PM
  • E:\Service and Portal>netsh winhttp show proxy

    Current WinHTTP proxy settings:

        Direct access (no proxy server)

    I have also checked the proxy configuration on IE and no proxy is configured.

    Any thing else you can think of that might be causing this ?

    I can open the URLs from IE : http://fimservice2.idmad.lab:5725 and http://fimservice2.idmad.lab:5726

    BUT I cannot open http://fimservice2.idmad.lab:5726/ResourceManagementService/SecurityTokenService/Registration as mentioned in the event log. When I try to open that from IE I get -

    HTTP 400 Bad Request - The webpage cannot be found

    This error (HTTP 400 Bad Request) means that Internet Explorer was able to connect to the web server, but the webpage could not be found because of a problem with the address.

    For more information about HTTP errors, see Help.

    Any other suggestions?

    Friday, July 12, 2013 3:41 PM
  • any errors from FIMService?

    The FIM Password Reset Blog http://blogs.technet.com/aho/

    Saturday, July 13, 2013 1:52 PM
  • also, go to the FIM Admin Portal, find the request you just trigger, see what state is it in

    The FIM Password Reset Blog http://blogs.technet.com/aho/

    Saturday, July 13, 2013 1:54 PM
  • Try this..

    http://social.technet.microsoft.com/wiki/contents/articles/24629.fim-troubleshooting-sspr-registration-error-3008-an-error-occurred-while-receiving-the-http-response.aspx

    Solution



         1. Download PsExec from here: http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx  

         2. Open a command prompt as administrator and run the command below

         3. psexec.exe -s -d -i cmd.exe

         4. In the new command prompt window that opens, type: mmc.exe

         5. Add the Certificate snap-in, select Computer Account radio button, then select Local Computer and Finish.

         6. Expand Certificates (Local Computer)Personal, then click on the Certificates folder.

         7. Right click on ForefrontIdentityManager and select Manage Private Keys...

     

         8. Add the FIMService account and give it read permission.

         9. Restart the FIMService



    Aryan Nava | Twitter: @cloudtxt | Blog: http://aryannava.com
    Please click "Propose As Answer" if a post solves your problem or "Vote As Helpful" if a post has been useful to you.

    Disclaimer: This posting is provided "AS IS" with no warranties.

    • Proposed as answer by Mubeen Abbasi Wednesday, January 22, 2020 6:46 PM
    Tuesday, June 24, 2014 2:25 PM
  • Issue is related to certificate in server running Forefront Identity Manager Service, if you are sure you provide the permission as per article https://social.technet.microsoft.com/wiki/contents/articles/24629.fim-troubleshooting-sspr-registration-error-3008-an-error-occurred-while-receiving-the-http-response.aspx but still facing problem make sure the CertificateThumbprint have same Thumbprint  as per your certificate (normally localhost), if not then change the thumbprint in registry  registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FIMService>CertificateThumbprint

    Note: make sure to copy the thumbprint from powershell not from mmc

    PS C:\Windows\system32> cd CERT:\\
    PS Cert:\> ls .\\LocalMachine\My



    Monday, February 3, 2020 9:40 AM