Showing posts with label Security token service is not available. Show all posts
Showing posts with label Security token service is not available. Show all posts

05 August, 2013

Security token service is not available- SP2010

Security token plays an important role with respect to authentication purpose, if this stops functioning then you will start getting so many tickets regarding access as well as critical tickets which are dependent on the same as few other services are also dependent on this service i.e. security token.

Here is the Microsoft link which talks about in details on security token:

While doing the sanity check across all front ends, we have noticed the security token service exception in the event viewer logs with respect to one of the server.

Here are the details:
Error message: Security token service is not available.

Checked the IIS status and found all the application pools and websites were in stopped status.

Started all the SharePoint entities which were in stopped status.

Checked the rule again and it was not there in the HA (Health Analyzer) list anymore.

Issue resolved, we are good now. Thank you.

Few IMP points which are essential while troubleshooting this issue:

In our case, the security token service was working initially without any issues and the farm was already built properly. But in your case, if it’s a newly built farm then it might be a hotfix issue as per this Microsoft article:


If you have any queries regarding the above mentioned information then please let me know, I would be more than happy to help you as well as resolves your issues.


Also-if you have a different resolution regarding the same issue then request you to share the same so that it would be useful to other as well. Thank you.

11 March, 2012

Security token service is not available

After installing SharePoint Foundation 2010 I noticed a warning in the Central Admin > Review problems and solutions report that the Security Token Service is not available.

The Security Token Service is not available.
The Security Token Service is not issuing tokens. The service could be malfunctioning or in a bad state.
SP Security Token Service (Security Token Service)

This issue happends becuase of the following symptons:

-The following error appears in the SharePoint server’s event log every hour:
“An error occurred while receiving the HTTP response to http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details.”
-Users are unable to log in to SharePoint sites protected by claims authentication.

Probable causes:
1.A required WCF hotfix has not been installed on the SharePoint server
2.Authentication for the SecureTokenServiceApplication is not configured properly in IIS.
3.The web.config file of the SecureTokenServiceApplication contains invalid data
4.The SecureTokenServiceApplication is not provisioned properly.

Resolution:
We have followed the microsoft suggested guidelines and the issue has been resolved:
1.Missing WCF Hotfix: If the server is running Windows Server 2008 SP2, please ensure that the hotfix mentioned at http://support.microsoft.com/kb/971831 is installed. If the server is running Windows Server 2008 R2, the hotfix mentioned at http://support.microsoft.com/kb/976462 must be installed.

2.Incorrect Authentication Settings: Please ensure that the authentication settings for the SecureTokenServiceApplication are correctly configured by completing the following steps:
a) Open IIS Manager
b) Expand “Sites”
c) Expand “SharePoint Web Services”
d) Select “SecurityTokenServiceApplication”
e) From the “Features” pane, double click on “Authentication” under “IIS”
f) Right click “Forms Authentication” and select “Disable”
g) The authentication settings page should only have Windows and Anonymous access enable for the security token service to issue tokens properly (and for claims authentication to work properly)

3.Incorrect data in the configuration file: Please review the web.config file of the secure token service application and compare it to a web.config file from a "working" secure token service application.

4.SecureTokenServiceApplication not provisioned: Use the following power shell commands to provision the secure token service application
$sts = Get-SPServiceApplication | ?{$_ -match "Security"}
$sts.Status
$sts.Provision()

If you have any queries/questions regarding the above mentioned information then please let me know. I would be more than happy to help you as well as resolves your issues, Thank you.