SP Foundation 2010 - ViewFormPagesLockdown alternative

We have an internet facing site on SharePoint 2010 Foundation. We have anonymous access enabled (mandatory), but we need to lock down access to the _layouts, _catalogs, etc directories. By lock down, I mean we don't want the user to be able to 'View All
Site Content' and see the lists. We need their user to have 'access' to them so the content is rendered/ran appropriately.
Is the only alternative to lock these directories down in the web.config?

Hi TBeam, 
Yes, I have one !
I had released a version of the lockdown feature for SharePoint Foundation that you can download on Codeplex. 
http://customlockdown.codeplex.com/
Hope that helps...
Marc Charmois - http://mosshowto.blogspot.com

Similar Messages

  • Problem connecting to external SQL table using BCS in SharePoint Foundation 2010

    Hi all,
    I am working on SharePoint Foundation 2010. I have a requirement wherein I need to connect to SQL in some other server.
    I used BCS to create external content type and then I created an external list. now when I try to view the list on browser it says "Login failed for the user NT AUTHORITY\ANONYMOUS LOGIN".
    I am using "User's Identity" for authentication with SQL.
    How can solve this issue. Please help.
    any help is greatly appreciated.
    Thanks.

    That sounds like you might not be using Kerberos and/or your Kerberos authentication isn't working to pass your credentials.
    As you may know there's a limitation with NTLM permissions that prevents something known as the 'double hop'. This is where a server (SharePoint for example) tries to request things on your behalf. With NTLM you can't do this at all, the alternative is to
    use Kerberos which can handle double hops. One thing to know about Kerberos, if it's not completely set up right then IIS and SharePoint will almost always revert to NTLM so it's easy to think you've enabled it only to discover it's failing and you're really
    using NTLM.
    This guide will take you through setting up Kerberos in painful detail, it's great:
    http://www.microsoft.com/en-us/download/details.aspx?id=23176

  • Sharepoint Foundation 2010 SP2 or SharePoint Foundation 2013

    Experts,
    I am installing FIM 2010 R2 SP1 on windows 2012.
    FIM Sync installed on server1.
    FIM Service installed on server2.
    Now I have to install:-
    FIM Portal on server3.
    With googling I understand that I need SharePoint Foundation 2013 or SharePoint Foundation 2010 SP2.
    Can anyone guide what would be the safe approach. I don't have any knowledge of SharePoint.
    Please suggest.
    Thanks,
    Mann

    Considering you would use it for FIM only, it doesn't really matter which version would you pick.
    If you want to implement FIM on Windows Server 2012 (or R2), just make sure that you install correct version of SharePoint (at least 2010 SP2)
    Keep trying If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.

  • Sharepoint foundation 2010 externel https access problems

    I have a very strange problem with my sharepoint foundation 2010 site.
    I have a site which is accessible from outside on https (we have a valid certificate). I configured IIS for http and https.
    Also I configured internal and externel access for this site on sharepoint.
    But sometimes, the site is not accessible from outside on https with (externe.site.fr), BUT  it will be accessible with public ip !!!
    And also accessible from inside. (with interne.intranet.site.fr)
    Any Idea ?
    thanks

    Hi,
    According to your post, my understanding is that your site is not accessible from outside using external host name with https sometimes.
    As your site can be accessible with public IP, however it can’t be accessible from outside using external host name with https sometimes, the issue could be caused by the gateway server in your environment.
    I suggest that you need to check the gateway server configuration.
    For more information, you can refer to:
    http://community.bamboosolutions.com/blogs/sharepoint-2013/archive/2012/12/05/how-to-set-up-microsoft-forefront-unified-access-gateway-environment-for-sharepoint-2013.aspx
    http://nhutcmos.wordpress.com/2013/07/26/configure-ssl-certificate-for-sharepoint-external-https-access/
    http://sharepointdotnetwiki.iblogger.org/2009/12/dns-setup-in-sharepoint/
    http://underthehood.ironworks.com/2010/06/making-a-sharepoint-2010-site-externally-available-alternate-access-mappings-host-header-bindings.html
    Best Regards,
    Yumi Fu

  • SharePoint Foundation 2010 Workspace problem

    I've installed sharepoint foundation 2010 in a Windows server 2008 R2 standard environment. I've added some site collections and added some libraries to the site pages. Ive put in various permissions and groups and tested no problem using
    Sharepoint workspace 2010 on a Windows 7 32 bit client.
    But when I do a remote desktop connection to another server with 2008 R2 standard installed I can't get Sharepoint workspace 2010 to work properly. It opens an account and connects to my sharepont site but in the pane to the right where I would normally
    see library documents listed all that comes up is an error stating - Error: Cannot Display Tool.
    Also if I try to sync I get the following error:-
    The parameter is incorrect
    HResult: 0x80070057 (0x386d7565)
    Process: Groove.exe (ID:17936(0x00004610))  
    No amount of googling has found a solution, no similar postings had any resolutions.
    Any help would be much appreciated
      

    My apologies. I'd focused on the error and hadn't adequately read the information you provided on the environment. The issue is probably with using SharePoint Workspace on the remote computer, not with SharePoint Foundation.
    Here is what I understand you to be doing:
    You use Remote Desktop to connect to the Windows Server 2008 R2 computer, where you log in with your domain account, which is a member of the local Users group.
    On the remote computer, you start SharePoint Workspace.
    On the Launchbar, you click New, click SharePoint Workspace, select your site, and then click
    OK.
    The workspace is created and appears (from the progress bar) to download content.
    When you click Open Workspace, no content is displayed. Instead, you see the "Cannot Display Tool" error.
    Is that correct?
    There are three areas where SharePoint Workspace is complicated to run remotely:  
    Where SharePoint Workspace will be run by a user other than the one installing it, it must not be lauched during the installation. This seems the most likely to be the issue, as we have seen the same failure and error at a customer site where several
    users had been given a computer image created on a computer where SharePoint Workspace had been launched before image creation.
    Only one user should run SharePoint Workspace (Groove.exe) at a time. (Sometimes multiple instances work, but it's not reliable.)
    You need to have a local profile on the computer which is running SharePoint Workspace. SharePoint Workspace is not supported with Roaming or Temporary profiles. Usually, this problem would prevent you from starting SharePoint Workspace, but some
    environments with custom permissions can lead to other errors.
    SharePoint Workspace uses the current user's permissions for SharePoint server access, In the case of Forms-Based authentication, it prompts for credentials at workspace creation, but then uses the credentials in the active browser session when opening
    the workspace. I think this could only be related to your problem if you are logged in as another user in your browser, and that user has access to some, but not all, of the site your workspace connects to.

  • SharePoint Foundation 2010: search error: "Your search cannot be completed because of a service error."

    Hi,
    I have SharePoint Foundation 2010 running on a single server with databases, with a second server in the farm serving as a 2nd app tier. Both server have the exact same versions of SharePoint loaded (according to the Central Admin site).
    Whenever I try to run a search from any site in my SharePoint Foundation 2010 installation (in this example I typed "this is my query"), it hangs for 20-30 seconds while the IE status bar says:
    Waiting for http://SERVER2010:80/tfs/SITE1/_layouts/searchresults.aspx?k=this%20is%20my%20query&u=http%3A%2F%2Ftfs2010db%2Ftfs%2FSITE1
    Then it finally returns a results screen with an error that says: "Your search cannot be completed because of a service error. Try your search again or contact your administrator for more information."
    Checking the SharePoint logs under C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\LOGS, the relevant entries say the following (items I deem important
    bolded):
     11/05/2011 18:22:25.88 w3wp.exe (0x35F0) 0x1908 SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (HEAD:http://172.22.100.101:80/)) 11/05/2011 18:22:25.88 w3wp.exe (0x35F0) 0x1908 SharePoint Foundation Logging
    Correlation Data xmnv Medium Name=Request (HEAD:http://172.22.100.101:80/) a7ab70a3-61bd-4d62-b5a4-cf77a45dafb9
    11/05/2011 18:22:25.88 w3wp.exe (0x35F0) 0x1908 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (HEAD:http://172.22.100.101:80/)). Execution Time=3.33645756653429 a7ab70a3-61bd-4d62-b5a4-cf77a45dafb9
    11/05/2011 18:22:50.73 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (POST:http://SERVER2010:80/tfs/SITE1/_layouts/searchresults.aspx?k=this%20is%20my%20query&u=http%3A%2F%2FSERVER2010%2Ftfs%2FSITE1))
    11/05/2011 18:22:50.73 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (POST:http://SERVER2010:80/tfs/SITE1/_layouts/searchresults.aspx?k=this%20is%20my%20query&u=http%3A%2F%2FSERVER2010%2Ftfs%2FSITE1)
    fea6cc87-0404-497a-838e-5e154f422aa4
    11/05/2011 18:22:50.73 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (POST:http://SERVER2010:80/tfs/SITE1/_layouts/searchresults.aspx?k=this%20is%20my%20query&u=http%3A%2F%2FSERVER2010%2Ftfs%2FSITE1)).
    Execution Time=4.3055751499143 fea6cc87-0404-497a-838e-5e154f422aa4
    11/05/2011 18:22:50.73 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (POST:http://SERVER2010:80/tfs/SITE1/_layouts/searchresults.aspx?k=this%20is%20my%20query&u=http%3A%2F%2FSERVER2010%2Ftfs%2FSITE1))
    11/05/2011 18:22:50.73 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (POST:http://SERVER2010:80/tfs/SITE1/_layouts/searchresults.aspx?k=this%20is%20my%20query&u=http%3A%2F%2FSERVER2010%2Ftfs%2FSITE1)
    5e283c89-990f-4572-ae77-a1e6a5aad502
    11/05/2011 18:22:50.75 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Logging Correlation Data xmnv Medium Site=/tfs/SITE1 5e283c89-990f-4572-ae77-a1e6a5aad502
    11/05/2011 18:22:50.77 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Search Query dn6r High FetchDataFromURL start at(outside if): 1 param: start 5e283c89-990f-4572-ae77-a1e6a5aad502
    11/05/2011 18:22:50.79 mssearch.exe (0x58A4) 0x2534 SharePoint Foundation Search QueryComponentSelection aee7 Medium
    Did You Mean Suggester not found. [smart2.hxx:382] d:\office\source\otools\inc\search\common\ytrip\tripoli\smart2.hxx 5e283c89-990f-4572-ae77-a1e6a5aad502
    11/05/2011 18:22:50.91 mssearch.exe (0x58A4) 0x2534 SharePoint Foundation Search Query Processor e0pg Medium 1dd958fb-b605-4b3b-a676-28a3cafb2eb6:
    Query completed 125 ms, detailed time: Query stage execution ms times: 0 125 0 0 125 0 0 0 Query stage cpu ms times: 0 31 0 0 31 0 0 0 Query stage hit counts: 1 1 1 7 1 0 1 1 Cursor count: 260 Mapped page count: 164 Total index count: 7 [srequest.cxx:5526]
    d:\office\source\search\native\ytrip\tripoli\cifrmwrk\srequest.cxx 5e283c89-990f-4572-ae77-a1e6a5aad502
    11/05/2011 18:23:06.08 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Search Exceptions 1hjo
    Medium Exception thrown: 0x80040e31 (d:\office\source\otools\inc\search\common\ytrip\tripoli\timeout.hxx:51 ip 0x000007FEECF099B7) 5e283c89-990f-4572-ae77-a1e6a5aad502
    11/05/2011 18:23:06.08 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Search
    Query Processor e2o1 High In CRootQuerySpec::Execute - caught exception: 0x80040e31, translated to: 0x80040e31 5e283c89-990f-4572-ae77-a1e6a5aad502
    11/05/2011 18:23:06.08 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Search Administration 0000
    High Log Query: More Information: Execution stopped because a resource limit was reached. No results were returned.
    5e283c89-990f-4572-ae77-a1e6a5aad502
    11/05/2011 18:23:06.08 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Web Parts 89a1
    High Error while executing web part: Microsoft.SharePoint.Search.WebControls.Srhdc GenericException: Your search cannot be completed because of a service error. Try your search again or contact your administrator for more information.
    ---> System.ServiceProcess.TimeoutException: System error. at Microsoft.SharePoint.Search.Query.KeywordQueryInternal.Execute() at Microsoft.SharePoint.Search.Query.QueryInternal.Execute(QueryProperties properties) at Microsoft.SharePoint.Search.Query.Query.Execute()
    at Microsoft.SharePoint.Search.WebControls.SearchResultHiddenObject.GetResultData() --- End of inner exception stack trace --- at Microsoft.SharePoint.Search.WebControls.SearchResultHiddenObject.get_ResultsReturned() at Microsoft.SharePoint.Search.Internal.WebControls.CoreRes...
    5e283c89-990f-4572-ae77-a1e6a5aad502
    11/05/2011 18:23:06.08* w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Web Parts 89a1 High ...ultsWebPart.ModifyXsltArgumentList(ArgumentClassWrapper argList) at Microsoft.SharePoint.WebPartPages.DataFormWebPart.PrepareAndPerformTransform(Boolean
    bDeferExecuteTransform) 5e283c89-990f-4572-ae77-a1e6a5aad502
    11/05/2011 18:23:06.08 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Web Parts 89a2
    High InnerException 1: System.ServiceProcess.TimeoutException: System error. at Microsoft.SharePoint.Search.Query.KeywordQueryInternal.Execute() at Microsoft.SharePoint.Search.Query.QueryInternal.Execute(QueryProperties properties) at Microsoft.SharePoint.Search.Query.Query.Execute()
    at Microsoft.SharePoint.Search.WebControls.SearchResultHiddenObject.GetResultData() 5e283c89-990f-4572-ae77-a1e6a5aad502
    11/05/2011 18:23:06.08 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Monitoring b4ly High Leaving Monitored Scope (DataBinding DataFormWebPart ()). Execution Time=15302.2074034549 5e283c89-990f-4572-ae77-a1e6a5aad502
    11/05/2011 18:23:06.09 w3wp.exe (0x35F0) 0x3148 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (POST:http://SERVER2010:80/tfs/SITE1/_layouts/searchresults.aspx?k=this%20is%20my%20query&u=http%3A%2F%2FSERVER2010%2Ftfs%2FSITE1)).
    Execution Time=15358.1002613461 5e283c89-990f-4572-ae77-a1e6a5aad502
    11/05/2011 18:23:06.59 w3wp.exe (0x35F0) 0x58E0 SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (GET:http://SERVER2010:80/tfs/SITE1/Shared%20Documents/SITE1_logo_sharepoint.png))
    11/05/2011 18:23:06.59 w3wp.exe (0x35F0) 0x58E0 SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (GET:http://SERVER2010:80/tfs/SITE1/Shared%20Documents/SITE1_logo_sharepoint.png) f0d03f8e-d78b-4004-9a5f-3ee9955afa60
    11/05/2011 18:23:06.59 w3wp.exe (0x35F0) 0x5C6C SharePoint Foundation General af71 Medium HTTP Request method: GET f0d03f8e-d78b-4004-9a5f-3ee9955afa60
    11/05/2011 18:23:06.59 w3wp.exe (0x35F0) 0x5C6C SharePoint Foundation General af75 Medium Overridden HTTP request method: GET f0d03f8e-d78b-4004-9a5f-3ee9955afa60
    11/05/2011 18:23:06.59 w3wp.exe (0x35F0) 0x5C6C SharePoint Foundation General af74 Medium HTTP request URL: /tfs/SITE1/Shared%20Documents/SITE1_logo_sharepoint.png f0d03f8e-d78b-4004-9a5f-3ee9955afa60
    11/05/2011 18:23:06.60 w3wp.exe (0x35F0) 0x58E0 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://SERVER2010:80/tfs/SITE1/Shared%20Documents/SITE1_logo_sharepoint.png)). Execution Time=9.75459171486879 f0d03f8e-d78b-4004-9a5f-3ee9955afa60
    Not sure what "resource limit is reached" actually means. This SharePoint installation is running under regular SQL 2008 R2, and the
    WSS_Content database is fairly small (10gig). I've reviewed the Search Service, the process account running it, the
    WSS_SEARCH index database, and verified that the Content database is using the proper index database. Everything looks like it should be crawling/indexing/working fine. But the WSS_SEARCH
    database isn't very large, so I'm not sure if the crawling is actually filling it with anything.
    Not sure where to start seriously troubleshooting this. Any advice would be appreciated. Thanks.

    Hi,
    The query ran in tens of seconds. This indicates that at some point a bad plan compiled and stayed in the cache. 
    It may have gotten there because the statistics were out of date. 
    A possible way to keep this from happening is to rebuild statistics with full scan more frequently.
    Try free the proc cache and see the result.
    http://msdn.microsoft.com/en-us/library/ms174283(v=SQL.105).aspx
    Thanks,
    Rock Wang
    Regards, Rock Wang Microsoft Online Community Support

  • Sharepoint Foundation 2010 and SSRS

    Hi I have one small problem with Sharepoint Foundation 2010 and SSRS Integrated mode.
    We have one installation with frontend and backend server, backend is installed on SSRS server and Kerberos authentication is enabled.
    There are no problem to view reports with webparts but when you make one automatic subscription to make Report PDF files in one file share, it makes 5 och 30 files.
    I can only find this in log files:
    w3wp!library!18!01/26/2015-19:20:33:: i INFO: Skipped creating a dump file for the error InternalCatalogException, because a dump with the identical stack trace (with signature 1778776910) was already created.
    w3wp!library!18!01/26/2015-19:20:33:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException: Unhandled exception in timer Database version check, Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException:
    An internal error occurred on the report server. See the error log for more details. ---> System.InvalidCastException: Unable to cast object of type 'System.DBNull' to type 'System.String'.
       at Microsoft.ReportingServices.Library.ConnectionManager.GetDBVersion(Boolean rethrow)
       at Microsoft.ReportingServices.Library.ConnectionManager.EnsureCorrectDBVersion()
       at Microsoft.ReportingServices.Library.ConnectionManager.ConnectStorage(VersionVerificationOptions option)
       at Microsoft.ReportingServices.Library.DatabaseVersionCheckTimer.DoTimerAction()
       at Microsoft.ReportingServices.Diagnostics.TimerActionBase.TimerAction(Object unused)
       --- End of inner exception stack trace ---;
    Any ideas?

    Hi Dalibor,
    Based on your description, my understanding is that the error occurred when automatically making Report PDF files.
    Could you please provide the version of SQL server in your environment?
    If you are using SQL server 2012, I recommend to update the SQL server with SP1 and CU7 to see if the issue still occurs.
    And please also re-configure the Reporting Service Application and then check the results:
    https://technet.microsoft.com/en-us/library/bb326213(v=sql.105).aspx
    https://msdn.microsoft.com/en-us/library/gg492276(v=sql.110).aspx
    Thanks,
    Victoria
    Forum Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]
    Victoria Xia
    TechNet Community Support

  • Sharepoint Foundation 2010 install fails on Windows 2012 R2 server

    Microsoft kb article at https://support.microsoft.com/kb/2724471/ is saying we need to use the Sharepoint install CD that includes SP2 in order for installation to succeed.  Where can we download Sharepoint Foundation 2010 SP2 slipstream install image
    so that we can be compatible with install on a Win2012 R2 server?  Can you provide a link.   Technet download page only has the Sharepoint install and the SP2 install separately.   Thank you.

    You can download it from here:
    https://www.microsoft.com/en-us/download/details.aspx?id=24983
    Trevor Seward
    Follow or contact me at...
    &nbsp&nbsp
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • SharePoint foundation 2010 on Windows Server 2012 R2

    Hello,
    I have done an in place upgrade of my Windows 2008 R2 enterprise server (running Sharepoint Foundation 2010) to Windows 2012 R2 standard (for license reason). I have applied the latest service pack 2 and hotfix (14.0.7113.5000) to sharepoint . When
    I want to open the SharePoint 2010 Management Shell I am getting "The Local farm is not accessible. Cmdlets with FeatureDependencyId are not registered". I have tried different thing (like setting up a config file for powershell to load version 2, 
    or running PSConfig.exe -cmd upgrade -inplace b2b -force -cmd applicationcontent -install -cmd installfeatures ) without success.
    I am currently unable to make a backup of the farm.
    If someone would have an idea, that would help me a lot.
    Thanks
    PS: I am able to open The Sharepoint Central Administration, and the farm is working.

    Try this, run cmd.exe "As Administrator".
    powershell -version 2.0
    Add-PSSnapin Microsoft.SharePoint.PowerShell
    Does that work?
    Trevor Seward
    Follow or contact me at...
    &nbsp&nbsp
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • Issue with SharePoint foundation 2010 to use Claims Based Auth with Certificate authentication method with ADFS 2.0

    I would love some help with this issue.  I have configured my SharePoint foundation 2010 site to use Claims Based Auth with Certificate authentication method with ADFS 2.0  I have a test account set up with lab.acme.com to use the ACS.
    When I log into my site using Windows Auth, everything is great.  However when I log in and select my ACS token issuer, I get sent, to the logon page of the ADFS, after selected the ADFS method. My browser prompt me which Certificate identity I want
    to use to log in   and after 3-5 second
     and return me the logon page with error message “Authentication failed” 
    I base my setup on the technet article
    http://blogs.technet.com/b/speschka/archive/2010/07/30/configuring-sharepoint-2010-and-adfs-v2-end-to-end.aspx
    I validated than all my certificate are valid and able to retrieve the crl
    I got in eventlog id 300
    The Federation Service failed to issue a token as a result of an error during processing of the WS-Trust request.
    Request type: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
    Additional Data
    Exception details:
    Microsoft.IdentityModel.SecurityTokenService.FailedAuthenticationException: MSIS3019: Authentication failed. ---> System.IdentityModel.Tokens.SecurityTokenValidationException:
    ID4070: The X.509 certificate 'CN=Me, OU=People, O=Acme., C=COM' chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. 'A certification chain processed
    correctly, but one of the CA certificates is not trusted by the policy provider.
    at Microsoft.IdentityModel.X509CertificateChain.Build(X509Certificate2 certificate)
    at Microsoft.IdentityModel.Tokens.X509NTAuthChainTrustValidator.Validate(X509Certificate2 certificate)
    at Microsoft.IdentityModel.Tokens.X509SecurityTokenHandler.ValidateToken(SecurityToken token)
    at Microsoft.IdentityModel.Tokens.SecurityTokenElement.GetSubject()
    at Microsoft.IdentityServer.Service.SecurityTokenService.MSISSecurityTokenService.GetOnBehalfOfPrincipal(RequestSecurityToken request, IClaimsPrincipal callerPrincipal)
    --- End of inner exception stack trace ---
    at Microsoft.IdentityServer.Service.SecurityTokenService.MSISSecurityTokenService.GetOnBehalfOfPrincipal(RequestSecurityToken request, IClaimsPrincipal callerPrincipal)
    at Microsoft.IdentityServer.Service.SecurityTokenService.MSISSecurityTokenService.BeginGetScope(IClaimsPrincipal principal, RequestSecurityToken request, AsyncCallback callback, Object state)
    at Microsoft.IdentityModel.SecurityTokenService.SecurityTokenService.BeginIssue(IClaimsPrincipal principal, RequestSecurityToken request, AsyncCallback callback, Object state)
    at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract.DispatchRequestAsyncResult..ctor(DispatchContext dispatchContext, AsyncCallback asyncCallback, Object asyncState)
    at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract.BeginDispatchRequest(DispatchContext dispatchContext, AsyncCallback asyncCallback, Object asyncState)
    at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract.ProcessCoreAsyncResult..ctor(WSTrustServiceContract contract, DispatchContext dispatchContext, MessageVersion messageVersion, WSTrustResponseSerializer responseSerializer, WSTrustSerializationContext
    serializationContext, AsyncCallback asyncCallback, Object asyncState)
    at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract.BeginProcessCore(Message requestMessage, WSTrustRequestSerializer requestSerializer, WSTrustResponseSerializer responseSerializer, String requestAction, String responseAction, String
    trustNamespace, AsyncCallback callback, Object state)
    System.IdentityModel.Tokens.SecurityTokenValidationException: ID4070: The X.509 certificate 'CN=Me, OU=People, O=acme., C=com' chain building
    failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. 'A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.
    at Microsoft.IdentityModel.X509CertificateChain.Build(X509Certificate2 certificate)
    at Microsoft.IdentityModel.Tokens.X509NTAuthChainTrustValidator.Validate(X509Certificate2 certificate)
    at Microsoft.IdentityModel.Tokens.X509SecurityTokenHandler.ValidateToken(SecurityToken token)
    at Microsoft.IdentityModel.Tokens.SecurityTokenElement.GetSubject()
    at Microsoft.IdentityServer.Service.SecurityTokenService.MSISSecurityTokenService.GetOnBehalfOfPrincipal(RequestSecurityToken request, IClaimsPrincipal callerPrincipal)
    thx
    Stef71

    This is perfectly correct on my case I was not adding the root properly you must add the CA and the ADFS as well, which is twice you can see below my results.
    on my case was :
    PS C:\Users\administrator.domain> $root = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\
    cer\SP2K10\ad0001.cer")
    PS C:\Users\administrator.domain> New-SPTrustedRootAuthority -Name "domain.ad0001" -Certificate $root
    Certificate                 : [Subject]
                                    CN=domain.AD0001CA, DC=domain, DC=com
                                  [Issuer]
                                    CN=domain.AD0001CA, DC=portal, DC=com
                                  [Serial Number]
                                    blablabla
                                  [Not Before]
                                    22/07/2014 11:32:05
                                  [Not After]
                                    22/07/2024 11:42:00
                                  [Thumbprint]
                                    blablabla
    Name                        : domain.ad0001
    TypeName                    : Microsoft.SharePoint.Administration.SPTrustedRootAuthority
    DisplayName                 : domain.ad0001
    Id                          : blablabla
    Status                      : Online
    Parent                      : SPTrustedRootAuthorityManager
    Version                     : 17164
    Properties                  : {}
    Farm                        : SPFarm Name=SharePoint_Config
    UpgradedPersistedProperties : {}
    PS C:\Users\administrator.domain> $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\
    cer\SP2K10\ADFS_Signing.cer")
    PS C:\Users\administrator.domain> New-SPTrustedRootAuthority -Name "Token Signing Cert" -Certificate $cert
    Certificate                 : [Subject]
                                    CN=ADFS Signing - adfs.domain
                                  [Issuer]
                                    CN=ADFS Signing - adfs.domain
                                  [Serial Number]
                                    blablabla
                                  [Not Before]
                                    23/07/2014 07:14:03
                                  [Not After]
                                    23/07/2015 07:14:03
                                  [Thumbprint]
                                    blablabla
    Name                        : Token Signing Cert
    TypeName                    : Microsoft.SharePoint.Administration.SPTrustedRootAuthority
    DisplayName                 : Token Signing Cert
    Id                          : blablabla
    Status                      : Online
    Parent                      : SPTrustedRootAuthorityManager
    Version                     : 17184
    Properties                  : {}
    Farm                        : SPFarm Name=SharePoint_Config
    UpgradedPersistedProperties : {}
    PS C:\Users\administrator.PORTAL>

  • Slowness Issues with Windows Authentication in SharePoint Foundation 2010 sites

    All, 
    We are having a strange issue with SharePoint Foundation 2010 sites where sites are very slowly loading when accessed via windows based authentication where as the extended sites in  forms authentication are loading normally.
    There were no error logs or even SharePoint logs also except the images load time is showing with different load times.
    Attached are the patches that were updated to the server that may be issue but not sure. Can some one please share your thoughts.
    SQL connectivity b/w the server is good.there are no n/w issues except that the users are using the sites with a different domain other than the domain in which the servers were hosted.
    There is a trust b/w the two domains.This was never changed and there were no issues in the last 2 years.
    Thanks keshav,Share point Developer

    we do have trusted domains
    Inder : It would be better if you run that command again now.
    Inder: How many AD server do you have
    Inder: Do you notice the login request go to nearest AD server. 
    and https sites. Please share your thoughts.
    Inder: All the certificate have intermedite certificates. You need to logon to each SP server, and install
    these certificates on trusted root authority 
    If this helped you resolve your issue, please mark it Answered

  • Failed to create configuration database on Sharepoint Foundation 2010 install under Windows 7

    Configuration Failed
    Failed to create the configuration database.
    An exception of type System.IO.FileNotFoundException was thrown. Additional exception information:could not load file or assembly 'Microsoft.IdentityModel, version = 3.5.0.0,culture=neutral, PublicKey Token=31bf3856ad364e35' or one of its dependencies. The
    system cannot find the files specified.
    I already installed microsoft sharepoint foundation 2010 but I got the error as per above.How to solve this problem?

    Hi,
    Also check out Bill Baer's post:
    Common Microsoft SharePoint Server 2010 Installation Issues and Resolutions
    http://blogs.technet.com/b/wbaer/archive/2009/12/11/common-microsoft-sharepoint-server-2010-installation-issues-and-resolutions.aspx
    Thanks.
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • SharePoint Foundation 2010 SP2 running on Windows Server 2012 R2

    Hello
    I have upgraded a standalone Windows Server 2008 R2 running SharePoint Foundation 2010 SP2 to Windows Server 2012 R2. The upgrade completed OK and SharePoint Foundation 2010 SP2 is running OK as before upgrade.
    Is anyone aware of any issues running SPF 2010 SP2 on WS2012 R2?

    Hi
    no issues using SP2
    For more details check this official doc
    http://support.microsoft.com/kb/2724471
    Romeo Donca, Orange Romania (MCSE, MCITP, CCNA) Please Mark As Answer if my post solves your problem or Vote As Helpful if the post has been helpful for you.

  • Support for SharePoint Foundation 2010 on Windows Server 2012 R2

    I have located an article that states that SharePoint Server
    2010 is supported on Windows Server 2012 R2.
    http://support.microsoft.com/kb/2724471
    However, I deal with a large number of farms that are based on Foundation.  Honestly, I interpreted this article to mean both Server and Foundation were supported, but I'm receiving some resistance from consumers because there is no definitive statement
    of support from Microsoft re: Foundation and the R2 o/s.
    Does anyone know definitively whether foundation 2010 is supported on 2012 R2 or not?  And more importantly, is there some article on the subject I can reference? (I've searched without success).
    I suppose the conservative approach would be to assume it is NOT supported unless I can find information to the contrary.

    I think there need to be other considerations than "because it sounds good" (which is what the 2012 R2 decision almost sounds like it boils down to). Rather, the consideration should be made of what best supports the application, what version of the OS is
    widely used and known, what happens when we encounter new issues due to using a newer OS that is less used with this application?
    At least, that would be my argument. Same reason I would not deploy SharePoint 2013 to 2012 R2 when support arrives with SP1 -- 2013 with Server 2012 is a well known combination with many resources available for non-paid support.
    Trevor Seward
    Follow or contact me at...
    &nbsp&nbsp
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • SharePoint Foundation 2010 : Changing language settings

    My employer would like to offer our clients the ability to specify a preferred language in-which to use our SharePoint solution.
    I.e. Clicking on a national flag on the dashboard will consequently display the system text within the associated language.
    Ideally this feature will be bespoke to each given user. I.e. Default language will be English. Each user thereafter will be able to specify their unique user session within their desired language.
    Is it possible to configure our solution to offer this feature? If so, how?
    We are currently using SharePoint Foundation 2010.
    Many thanks in advance.
    David
    Senninha010

    The ability to display prompts in a different language in SharePoint 2013 is called the
    Multiple Language User Interface (MUI).  The issue with what you are attempting is not building an interface to enable or disable a specific language in the MUI.  The problem is that the available languages are completely dependent on whether
    a SharePoint Language pack for that language has been loaded or not.  If they have been loaded then its just a matter of writing your application to take advantage of Localization support through the use of resource files.  But localizing your application
    without loading the SharePoint language pack for that language probably won't work well.  here's a couple articles on the MUI and localization.
    http://office.microsoft.com/en-us/sharepoint-server-help/introduction-to-multilingual-features-HA101867790.aspx
    http://msdn.microsoft.com/en-us/library/office/fp179919(v=office.15).aspx
    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

Maybe you are looking for

  • After reinstalling OS 10.5 I can't log into my iMac PPC isight

    Yesterday booted from a firewire drive, erased my imac's harddrive and reinstalled os 10.5.  Then I used the migration assistant to restore all my settings from a time machine back up.  Once it was all finished it booted to a login screen but wouldn'

  • Cannot get Win8 Pro computer run the Connect a Computer to the Server Wizard (computerconnector) of Essentials 2012

    I've spent 1/2 the day trying to troubleshoot this problem and finally give up. My client has a Windows Server 2012 Essentials server (with all updates installed - no errors in error logs nor SFC /SCANNOW).  Purchased a new Windows 8 Pro computer, wh

  • Audio Storyboard from FCE?

    I'm working on an animation project that I'm using After Effects and FCE for. To help us storyboard the project better, I was wondering if there was any way to export my edited audio with markers from FCE into a sort of storyboard, so that we can fig

  • Data upload (HR ABAP)

    Hello friends, I need to upload data related actions infotype. I've multiple records in the file. i've done recording for the given fields i.e,fields related to Actions infotype(PERNR,BEGDA,INFTY,MASSN,MASSG), But when i run the prg it is calling the

  • Using JavaScript need to clear speach bubble error messages

    Hi, I used AdfPage.PAGE.clearMessages(null); in javascript to clear the error message, But it will not clearing the error message(speach bubble error message), it will clearing only when ADF popup Error Messages. Example: I entered wrong date in the