SecureAuth Idp Version affected: All
Description:
All realms with the exception of the Admin Realm (SecureAuth0) show "HTTP Error 503. The service is unavailable". Additionally the Application Event Log will contain Event ID: 2307 from Source: IIS-W3SVC-WP similar to the following:
The worker process for application pool 'APPLICATION_POOL_NAME' encountered an error 'Cannot read configuration file ' trying to read configuration data from file '\\?\<EMPTY>', line number '0'. The data field contains the error code.
Cause:
IIS is unable to read the application pool configuration file. This can be due to incorrect permissions or file system corruption.
Resolution:
The application pool configuration file is normally located in:
D:\inetpub\temp\appPools\APPLICATION_POOL_NAME\APPLICATION_POOL_NAME.config
or for older versions of SecureAuth IdP:
C:\inetpub\temp\appPools\APPLICATION_POOL_NAME\APPLICATION_POOL_NAME.config
- Check that the file exists and contains XML
- Check that the ACL allows Full Control access to SYSTEM and Administrators and that "IIS AppPool\APPLICATION_POOL_NAME" has Read access:
If the file is missing, corrupt or the ACL is corrupt then do the following:
- Open IIS Manager
- In the left pane, expand the Server | Application Pools
- Right click the existing APPLICATION_POOL_NAME | Basic Settings... and take a screenshot of the settings.
- Repeat for APPLICATION_POOL_NAME | Advanced Settings
- Right click Application Pools | Add Application Pool...
- Type a name for the new application pool and ensure it has the same settings as recorded in Step 3 then Click OK
- Right click the new application pool | Advanced settings and ensure all the settings match those recorded in step 4 then click OK.
- Right click the original application pool APPLICATION_POOL_NAME | View Applications
- For each application, Right Click | Change Application Pool... then choose your newly created application pool from the drop down list and click OK. Repeat for all applications assigned to the old application pool.
- Test the realms, they should now work.
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.
Comments
Please sign in to leave a comment.