none
2012R2 Essentials Connect site is down

    Question

  • I have the same issue when installing connector on Win 7, 8 and now 10.  I can ping and connect to the server shares manually no problem at all but I can't get to any of the WSE 2012 r2 site/application.  Even localhost/connect from the server itself gives me that error below.  Looks like something is corrupted with IIS but the everything came back ok with the EssentialsTester.ps1 tool v2.02.  Ii feel that IIS (.NET and ASP) are at cause of the issue since I can't connect to the server website.  I did restart, IIS and all sites are running, etc...  

    Any chance we can 'reset' IIS to default in WSE 2012?  Or if I spin a VM with WSE 2012 on it, can I use some files to rebuild IIS on my server and if yes which one?

    BTW clientdeploy.log says download failed because it can't reach server.  see below:

    any help would be greatly appreciated.  I can always reinstall but that would take lots of time to reconfigure GPO, apps, backup etc... so I would prefer if I can fix the web apps on that server instead.  also other pc with connectors already installed still works so it's really an issue with IIS.

    cheers

    1360] 151201.155600.0118: ClientSetup: Start of ClientDeploy
    [1360] 151201.155600.1212: General: Initializing...C:\Windows\system32\Essentials\ClientDeploy.exe
    [1360] 151201.155600.1212: ClientSetup: Create client deployment registry subkey if necessary
    [1360] 151201.155600.1368: ClientSetup: The initial launching way: 
    [1360] 151201.155600.1368: ClientSetup: The initial state is set
    [1360] 151201.155600.1368: ClientSetup: The initial serverName: 
    [1360] 151201.155600.1368: ClientSetup: Loading Wizard Data
    [1360] 151201.155600.1368: ClientSetup: Saving Wizard Data
    [1360] 151201.155600.1524: ClientSetup: Current DeploymentStatus=Start
    [1360] 151201.155600.7931: ClientSetup: Showing the Client Deployment Wizard
    [1360] 151201.155601.1524: ClientSetup: InitWizard, The currrent stage is ConnectingToServer
    [1360] 151201.155601.1524: ClientSetup: Set the Deployment Sync Event
    [1072] 151201.155611.1524: ClientSetup: Finish server discovery
    [1360] 151201.155618.5431: ClientSetup: The input server name is 10.200.200.1
    [2976] 151201.155618.6525: ClientSetup: Entering ConnectorWizardForm.RunTasks
    [2976] 151201.155618.6681: ClientSetup: Running Task with Id=ClientDeploy.PreConfiguration
    [2976] 151201.155618.7618: ClientSetup: The configuration cab will be downloaded from 10.200.200.1
    [2976] 151201.155618.7775: ClientSetup: Download file Setup.cab from server
    [2976] 151201.155618.9024: ClientSetup: Making web request: https://10.200.200.1//connect/default.aspx?Get=Setup.cab&LanguageId=1033&64bit=1
    [2976] 151201.155619.7306: ClientSetup: Failed to download Setup.cab from server: System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
       at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
       at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
       at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
       at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
       at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
       at System.Net.ConnectStream.WriteHeaders(Boolean async)
       --- End of inner exception stack trace ---
       at System.Net.HttpWebRequest.GetResponse()
       at Microsoft.WindowsServerSolutions.ClientSetup.CSCommon.DownloadFileFromConnectSite(String outputDirectory, Uri serverUrl, String fileName, Int32 languageId, Boolean is64bit)
    [2976] 151201.155619.7462: ClientSetup: Cannot get configuration file with https, will try http...
    [2976] 151201.155619.7774: ClientSetup: Download file Setup.cab from server
    [2976] 151201.155619.7774: ClientSetup: Making web request: http://10.200.200.1//connect/default.aspx?Get=Setup.cab&LanguageId=1033&64bit=1
    [2976] 151201.155619.9493: ClientSetup: Failed to download Setup.cab from server: System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
       at System.Net.HttpWebRequest.GetResponse()
       at Microsoft.WindowsServerSolutions.ClientSetup.CSCommon.DownloadFileFromConnectSite(String outputDirectory, Uri serverUrl, String fileName, Int32 languageId, Boolean is64bit)
    [2976] 151201.155619.9493: ClientSetup: The configuration cab cannot be downloaded, pleaes retry.
    [2976] 151201.155619.9493: ClientSetup: Exiting PreConfigTask.Run()
    [2976] 151201.155619.9493: ClientSetup: Task with Id=ClientDeploy.PreConfiguration has TaskStatus=Retry
    [2976] 151201.155619.9493: ClientSetup: Task with Id=ClientDeploy.PreConfiguration has RebootStatus=NoReboot
    [2976] 151201.155619.9493: ClientSetup: Exiting ConnectorWizardForm.RunTasks

    

    Tuesday, December 1, 2015 11:39 PM

All replies

  • Are you running Roberts tester in an Admin command prompt?

    You have Chrome on the server :)  What else is installed?

    FWIW localhost/connect on the server gives a different page than a client but a page should still load even in Chrome


    Grey

    Wednesday, December 2, 2015 12:14 AM
    Moderator
  • Yes ran PowerShell as admin then load Robert's test script v2.02.  I have chrome and plex on that server.  Plex website works fine but not IIS.  Usually when connecting to localhost/server on the server itself I should get a page saying that it's local server and should run this from remote computer or something like that but instead I get the Server Error in /Application error.  I truly beleive something is up with IIS config but don't know much about it.  If someone can guide me on either troubleshooting or reseting to default config using original config IIS files I can do that .  I have a plain vanilla WSE VM ready and site is working on it.  Did a compare between IIS settings on both the server with issues and my vanilla WSE VM that IIS and sites works and all looks ok. So might be some config files???

    Thanks


    • Edited by djsly Wednesday, December 2, 2015 7:55 PM
    Wednesday, December 2, 2015 7:53 PM
  • compare the bindings for port 80 and 443 on the default site especially the cert for 443.

    I would also compare web.config files especially

    C:\Program Files\Windows Server\Bin\WebApps\Site


    Grey

    Wednesday, December 2, 2015 8:34 PM
    Moderator
  • They are the same on the new and server with issues.  The only difference on the one with issues is that i have an entries for Lights out.  other than that, i did a compare with notepad ++ and they are identical.  Binding info are in that file as well and are the same.

    Thanks

    Wednesday, December 2, 2015 10:49 PM
  • make a copy of webconfig and either copy from the new box or use a previous version

    anytime I have ever seen errors on a web page like you posted it has been the web.config

    Cost you nothing to try :)


    Grey

    Thursday, December 3, 2015 2:12 AM
    Moderator
  • For sure it's worth trying. Is that the only webconfig file I need to copy or there's others I should try as well? I can do a search but just wondering if you would know which webconfig is more likely to be at fault. Also do I need to change anything in them before copying unto the other machine that would be specific to OS instance ? Thanks again Much appreciated
    • Edited by djsly Thursday, December 3, 2015 11:10 AM
    Thursday, December 3, 2015 11:08 AM
  • I thought the OS was the same?  You spun up a virgin install?

    Best bet masy be to righty click and look for previous versions.

    Fancy word abundance of caution :)  I suppose you could stop the default website before you replaced anything

    I think that is the only one, you could test on your VM first.  Copy the one from production to the VM and see what happens


    Grey

    Thursday, December 3, 2015 1:34 PM
    Moderator
  • Yes it is the same OS version.  OS instance, I meant server (my physical at fault and virgin VM)  Both WSE 2012 r2.  Just wonder if there's info specific to machine such as GUID, keys of some sort, etc... that are specific to server in webconfig.  I will try to copy over the webconfig from C:\Program Files\Windows Server\Bin\WebApps\Site and see what happens.  Ill copy the webconfig from the faulty server onto the virgin VM that is working (will backup the webconfig from working VM first :) )  and will see if i get the same error message on the virgin VM.  Thanks for the recommendation.  We will try that tonight.

    Thursday, December 3, 2015 2:00 PM
  • I just tried to copy the webconfig from C:\Program Files\Windows Server\Bin\WebApps\Site from the server with issue to the virgin server and the website on the virgin server still working so it's not that file.  I went as far as copying the entire content from the WeApps folder from the server with issues to the virgin one and the website and local host page were still working on the virgin server but not on the other one with issues.

    I ran the tester tool again on the default server and got this message this time.  All authentication lines are in red:  other than that, CA, Services and Service Ports all green on the server with issues.

    Checking IIS Authentication..
    Site                 : Default Web Site\AxoNet.LightsOut.WebService
    Authentication       : basicAuthentication
    Enabled              : True

    Site                 : Default Web Site\AxoNet.LightsOut.WebService
    Authentication       : clientCertificateMappingAuthentication
    Enabled              : False

    Site                 : Default Web Site\AxoNet.LightsOut.WebService
    Authentication       : windowsAuthentication
    Enabled              : False

    Site                 : Default Web Site\Bin
    Authentication       : digestAuthentication
    Enabled              : False

    Do you know if there's any other config files I could copy to test it out?

    thanks again!

    Thursday, December 3, 2015 9:08 PM
  • run the tester on the virgin box to compare

    Grey

    Thursday, December 3, 2015 10:03 PM
    Moderator
  • Well pooh.  He changed the script so it only shows errors.  Hard to see what is the right settings.

    Open IIS admin on both >default site>bin> authentication and compare.  I don't see digest listed at all


    Grey

    Thursday, December 3, 2015 11:00 PM
    Moderator
  • wrong location for that web.config file

    C:\Program Files\Windows Server\Bin\WebApps\Client  is correct (well best I can tell )


    Grey

    Thursday, December 3, 2015 11:13 PM
    Moderator
  • On virgin server testing script is all green including "Checking IIS Authentication"

    Also compared Site\bin settings on both and they are identical.

    also copied the web.config located here: c:\Program Files\Windows Server\Bin\WebApps\client as well as the entire WebApps folder from the defective server to the virgin one and still on the virgin all is working fine when i type localhost on the virgin server so that folder is identical on both servers e.g. WebApps and its content.

    Thanks again

    Thursday, December 3, 2015 11:28 PM
  • it is site connect where the issue is, though it did not flag an error

    for giggles does https://localhost/connect work after you accept the cert warning


    Grey

    Thursday, December 3, 2015 11:36 PM
    Moderator
  • None of the sites are working on the defect server. Local host/connect gives a zero-sized error page, see my first post above, I have a screen shot. Thanks Sly
    Friday, December 4, 2015 3:52 AM
  • I wanted you to try it on 443 again just for giggles

    Use the "S"  https://localhost/connect


    Grey

    Friday, December 4, 2015 12:13 PM
    Moderator
  • FWIW, I moved this to a new/unanswered thread to see if you can get more eybealls

    Grey

    Friday, December 4, 2015 12:22 PM
    Moderator
  • I thought people would prefer it that way..

    Robert Pearman WSSMB MVP
    @titlerequired | LinkedIn | Google+
    Facebook | Windows Server Essentials.com

    Friday, December 4, 2015 12:25 PM
    Moderator
  • @Robert

    any feedback on the essentials tester errors?


    Grey

    Friday, December 4, 2015 12:58 PM
    Moderator
  • I dunno, here are some links for backing up and restoring IIS config.  You might backup both.  Restore the broke to the good box and see if you get the same errors.  If so restore the good box backup and see if it fixes it.

    If so then restore the good box backup to the bad box.  Normal disclaimer, I have not done this, you should have good full backups of your production server first :)

    You may also have some backups on the good box in intepub\history

    http://tritoneco.com/2015/09/02/backup-and-restore-iis-to-another-server/

    https://technet.microsoft.com/en-us/library/hh867851%28v=wps.630%29.aspx?f=255&MSPPError=-2147217396


    Grey

    Friday, December 4, 2015 1:39 PM
    Moderator
  • 500 internal server error suggests certificate issue,

    but the errors from my tool also suggest iis authentication issues.

    I would compare the auth settings between working and broken system.


    Robert Pearman WSSMB MVP
    @titlerequired | LinkedIn | Google+
    Facebook | Windows Server Essentials.com

    Friday, December 4, 2015 2:30 PM
    Moderator
  • He said they were the same.  Dunno

    Here is mine


    Grey

    Friday, December 4, 2015 2:52 PM
    Moderator
  • Yes that is correct, on both servers I have the same Authentication config for connect and every other sites under default web.  e.g. only Anonymous Authentication is enabled others are disabled.

    Thanks for moving this to a new/unanswered thread.  If it can help more that would be great.  I will try soon https with 443 to see if i get something different.

    Thanks

    Friday, December 4, 2015 7:27 PM
  • It. Gives me page not avail with https and 443. Site is running as well as service. Thanks
    Saturday, December 5, 2015 1:03 PM
  • Hi everyone, 

    I've been trying everything but still no go.  Robert said above that internal error 500 suggests certificate issue as well as potential IIS issue.  Any guidelines to verify those that I could looked at?  I'm kinda stuck and have nothing else to try so far.

    Thanks

    Thursday, December 17, 2015 2:47 PM
  • Hi Robert, 

    I did compared all settings in IIS between working and broken system and they are the same.  Any chance you can help me with that.  I know something is up with the certificates just not sure what.  Might be related to the RemoteWebaccess configuration I did?

    Any help would be greatly appreciated.

    Cheers

    sly

    Saturday, February 13, 2016 2:17 PM
  • Hi everyone,

    I'm still stuck with that issue and was wondering if anyone would have any suggestions?  I ran the script from Robert, compared settings with a plain vanilla VM that the connector site is working (same version, etc...) and all is good.  I would like to avoid rebuilding the server has much as possible.  the issue is that IIS sites aren't working which also prevent me from installing the WSE connector on new computers.  The rest works fine like the domain, etc... because I can push GPOs, etc.. .to domain registered computers no problem.  I can also add new computers to the domain but can't install the connector.  Always get message that it can't get info from server.

    Also computers with connector already installed works fine and I see status in WSE dashboard and backups are done without any issue.  It's really the WSE websites that don't work, suspect issues with IIS or certificates but not sure what else to look for.  It all started after RWA was configured apparently.  Not it is disabled but I guess they disabled something else too because no websites are working anymore.

    Any help would be greatly appreciated.

    Thanks

    Friday, April 15, 2016 1:07 PM