The purpose of this wiki is to share the knowledge gained while troubleshooting an issue that I recently worked concerning Forefront Identity Manager 2010 Certificate Management (FIM CM). The goal of this wiki is hopefully to provide knowledge to help others resovle this issue as well.
You are attempting to recover a certificate in the FIM CM 2010 portal, and receive the following error message in the GUI. Error Message: CCertRequest::GetCAPropertyFlags: The version of the OLE on the client and server machines does not match. 0x80010110.
You are attempting to recover a certificate in the FIM CM 2010 portal, and receive the following error message in the GUI.
"2012-07-12 19:33:57.15 -04" "Microsoft.Clm.Web.Authentication.CustomAuthenticationConfiguration" "Microsoft.Clm.Web.Authentication.FilteredApplication MapPathToApplication(System.String)" "" "DOMAIN1\FIMCMWebPool01" 0x00000D60 0x00000003 Mapping path: [error.aspx] "2012-07-12 19:33:57.15 -04" "Microsoft.Clm.Web.Authentication.CustomAuthenticationConfiguration" "Microsoft.Clm.Web.Authentication.FilteredApplication MapPathToApplication(System.String)" "" "DOMAIN1\FIMCMWebPool01" 0x00000D60 0x00000003 Path: [error.aspx] was not found in the configuration section.
"2012-07-12 19:33:57.15 -04"
"Microsoft.Clm.Web.Authentication.CustomAuthenticationConfiguration"
"Microsoft.Clm.Web.Authentication.FilteredApplication MapPathToApplication(System.String)"
""
"DOMAIN1\FIMCMWebPool01"
0x00000D60
0x00000003
Mapping path: [error.aspx]
"DOMAIN1\FIMCMWebPool01" 0x00000D60
0x00000003 Path: [error.aspx] was not found in the configuration section.
Log Name: FIM Certificate Management
Source: System.Web
Date: 7/12/2012 7:33:57 PM Event ID: 0 Task Category: None Level: Error Keywords: Classic User: N/A Computer: <COMPUTER NAME> Description: The description for Event ID 0 from source System.Web cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
Message:Exception of type 'System.Web.HttpUnhandledException' was thrown.
Source:System.WebStack Trace: at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at ASP.content_sm_requests_subscriberrecoverexecute_aspx.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\certificatemanagement\a8741d44\95e9fa81\App_Web_chusznfi.4.cs:line 0
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Inner Exception:Message:Current user 'DOMAIN1\user1' is not authorized to self-service the DOMAIN1\user1 request.
Type:System.UnauthorizedAccessException
Source:Microsoft.Clm.BusinessLayer
Stack Trace: at Microsoft.Clm.BusinessLayer.UserPrincipal.ThrowUnauthorizedForRequestException(Guid requestUuid)
at Microsoft.Clm.BusinessLayer.UserPrincipal.IsAuthenticatedForRequestAndThrow(Guid requestUuid)
at Microsoft.Clm.Web.BasePage.CheckAuthorizedForRequestAndThrow(Guid requestUuid)
at Microsoft.Clm.Web.SubscriberRecoverExecute.get_RequestUuid()
at Microsoft.Clm.Web.SubscriberRecoverExecute.Page_Load(Object sender, EventArgs e)
at System.Web.UI.Control.OnLoad(EventArgs e)
at System.Web.UI.Control.LoadRecursive()
The issue can be caused by a few different items: UID Authentication Delegation of WebPool and/or SQL Server Accounts SPNs on the accounts
The issue can be caused by a few different items:
Review the following Microsoft TechNet Article: Perform FIM CM Post-Installation Tasks: http://technet.microsoft.com/en-us/library/hh230239(WS.10).aspx
Review the following Microsoft TechNet Article: