Connect to a remote farm for search is giving error


  • Hi,

       at the end of publishing search service getting error while trying to connect to the remote publishing farm

    $SearchName = "SearchServiceApplication_on_xxxx_Farm_publishing"
    $PublishingFarmTopology = "https://xxxxxx:32844/Topology/topology.svc"
    $ConsumedServiceApplicationName = "Connection to: APP-PROD"+$SearchName
    # Consume Search Service Application
    $PublishedServices = Receive-SPServiceApplicationConnectionInfo -FarmUrl $PublishingFarmTopology
    # Get Publishing URL for Search Service Application
    $SearchService = ($PublishedServices | ForEach-Object {$_ | where {$_.SupportingProxy -eq "SearchServiceApplicationProxy" -AND $_.Displayname -eq $SearchName }}).Uri.ToString()
    # Connect to Search Service Application
    New-SPEnterpriseSearchServiceApplicationProxy -Name $ConsumedServiceApplicationName -Uri $SearchService

    Getting error for $PublishedServices = Receive-SPServiceApplicationConnectionInfo -FarmUrl $PublishingFarmTopology

    Saturday, March 22, 2014 7:54 AM

All replies

  • Further error details from the uls log

    An exception occurred when calling SPTopologyWebServiceApplicationProxy.EnumerateSharedServiceApplications on service https://xxxxx:32844/Topology/topology.svc : System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. ---> System.ServiceModel.FaultException: An error occurred when processing the security tokens in the message.     --- End of inner exception stack trace ---    Server stack trace:      at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)     at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestCh... 026ccdca-7475-49aa-8dfb-e3a5afcd0145

    Saturday, March 22, 2014 9:33 AM
  • It looks like you mixed up the farms. This is how to do it

    1. On Consuming farm: export root and STS cert
    2. On Publishing farm: export root cert
    3. On Consuming farm: import publishing farm root cert
    4. On Publishing farm: import consuming farm root and STS cert
    5. On Publishing farm: set permissions on topology service using Consuming farm id
    6. On Publishing farm: publish the SA
    7. On Publishing farm: set permissions on the published SA
    8. On Consuming farm: consume the SA

    And you don't need any specific certificates - SharePoint has its own certificate store.

    Saturday, March 22, 2014 4:37 PM
  • Couple of things to check...As Indra Mentioned in his reply...Make sure your trust is properly established and then Your consumer farm have the permission on the publishing.

    also make sure the Clock time on both farm should be same.

    try to reboot the servers.

    Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog:

    Saturday, March 22, 2014 9:32 PM
  • None of the above suggestion worked :-( any other suggestion or troubleshooting tips.

    Sunday, March 23, 2014 10:46 AM
  • Create a demo farm and check if you are connect to that farm. I assume this is something to do with network between farm. Make sure new farm is in same subnet and does not has any firewall in between

    If this helped you resolve your issue, please mark it Answered

    Monday, July 14, 2014 3:56 PM