SharePoint 2010 Installation Issue
11/19/2009 15:43:18 9 INF Creating a new farm with config db SharePoint_Config content db SharePoint_AdminContent_d90092f4-7997-447a-a98a-d274b10e2e5d server SVR-ETHANVM1\MOSS for farm mode
11/19/2009 15:43:31 9 ERR Task configdb has failed with an unknown exception
11/19/2009 15:43:31 9 ERR Exception: System.Collections.Generic.KeyNotFoundException: The given key was not present in the dictionary.
at System.ThrowHelper.ThrowKeyNotFoundException()
at System.Collections.Generic.Dictionary`2.get_Item(TKey key)
at Microsoft.SharePoint.Utilities.SPUtility.GetUserPropertyFromAD(SPWebApplication webApplicaiton, String loginName, String propertyName)
at Microsoft.SharePoint.Administration.SPManagedAccount.GetUserAccountControl(String username)
at Microsoft.SharePoint.Administration.SPManagedAccount.Update()
at Microsoft.SharePoint.Administration.SPProcessIdentity.Update()
at Microsoft.SharePoint.Administration.SPApplicationPool.Update()
at Microsoft.SharePoint.Administration.SPWebApplication.CreateDefaultInstance(SPWebService service, Guid id, String applicationPoolId, SPProcessAccount processAccount, String iisServerComment, Boolean secureSocketsLayer, String iisHostHeader, Int32 iisPort, Boolean iisAllowAnonymous, DirectoryInfo iisRootDirectory, Uri defaultZoneUri, Boolean iisEnsureNTLM, Boolean createDatabase, String databaseServer, String databaseName, String databaseUsername, String databasePassword, SPSearchServiceInstance searchServiceInstance, Boolean autoActivateFeatures)
at Microsoft.SharePoint.Administration.SPWebApplication.CreateDefaultInstance(SPWebService service, Guid id, String applicationPoolId, IdentityType identityType, String applicationPoolUsername, SecureString applicationPoolPassword, String iisServerComment, Boolean secureSocketsLayer, String iisHostHeader, Int32 iisPort, Boolean iisAllowAnonymous, DirectoryInfo iisRootDirectory, Uri defaultZoneUri, Boolean iisEnsureNTLM, Boolean createDatabase, String databaseServer, String databaseName, String databaseUsername, String databasePassword, SPSearchServiceInstance searchServiceInstance, Boolean autoActivateFeatures)
at Microsoft.SharePoint.Administration.SPAdministrationWebApplication.CreateDefaultInstance(SqlConnectionStringBuilder administrationContentDatabase, SPWebService adminService, IdentityType identityType, String farmUser, SecureString farmPassword)
at Microsoft.SharePoint.Administration.SPFarm.CreateAdministrationWebService(SqlConnectionStringBuilder administrationContentDatabase, IdentityType identityType, String farmUser, SecureString farmPassword)
at Microsoft.SharePoint.Administration.SPFarm.CreateBasicServices(SqlConnectionStringBuilder administrationContentDatabase, IdentityType identityType, String farmUser, SecureString farmPassword)
at Microsoft.SharePoint.Administration.SPFarm.Create(SqlConnectionStringBuilder configurationDatabase, SqlConnectionStringBuilder administrationContentDatabase, IdentityType identityType, String farmUser, SecureString farmPassword, SecureString masterPassphrase)
at Microsoft.SharePoint.Administration.SPFarm.Create(SqlConnectionStringBuilder configurationDatabase, SqlConnectionStringBuilder administrationContentDatabase, String farmUser, SecureString farmPassword, SecureString masterPassphrase)
at Microsoft.SharePoint.PostSetupConfiguration.ConfigurationDatabaseTask.CreateOrConnectConfigDb()
at Microsoft.SharePoint.PostSetupConfiguration.ConfigurationDatabaseTask.Run()
at Microsoft.SharePoint.PostSetupConfiguration.TaskThread.ExecuteTask()
I got this figured out. It has something to do with the account I am using. I changed to another account, it starts to work.
Got this figured out eventually. It is the security of the user account in Active Directory. I guess before 2010, the installation wizard never needs to read the attribute of the user account from AD. With SharePoint 2010, the wizard tries to read the service acccount's AD attributes. The service account we are using in AD has the security set to not allow "Read" from anyone. I guess this the default settings for new account.
To fix it, go to domain controller, find the user account in the AD management tool. Find the "Security" tab of the user, grant read permission to "Authenticated User".
My suggestion to the SharePoint team is to output error like "Failed to read user infomation for the account: xxxx from Activity Directory. Please contact your domain administrator to grant the right permission to read the Activity Directory information".
When it doesn't work, the log file has
11/19/2009 21:59:56.81* psconfigui.exe (0x09E0) 0x0C94 SharePoint Foundation Configuration b6vc Medium ...m.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Threading.ThreadHelper.ThreadStart()
11/19/2009 21:59:56.94 psconfigui.exe (0x09E0) 0x0C94 SharePoint Foundation Monitoring b4ly High Leaving Monitored Scope (AppPoolCreation: SharePoint Central Administration v4). Execution Time=239.085135121922
11/19/2009 21:59:56.94 psconfigui.exe (0x09E0) 0x0C94 SharePoint Foundation Topology 7fa1 High Provisioning of the web application, null, has encountered the following error: System.Collections.Generic.KeyNotFoundException: The given key was not present in the dictionary. at System.ThrowHelper.ThrowKeyNotFoundException() at System.Collections.Generic.Dictionary`2.get_Item(TKey key) at Microsoft.SharePoint.Utilities.SPUtility.GetUserPropertyFromAD(SPWebApplication webApplicaiton, String loginName, String propertyName) at Microsoft.SharePoint.Administration.SPManagedAccount.GetUserAccountControl(String username) at Microsoft.SharePoint.Administration.SPManagedAccount.Update() at Microsoft.SharePoint.Administration.SPProcessIdentity.Update() at Microsoft.SharePoint.Administration.SPApplicationPool.Update() at Microsoft.SharePoint.Administration.SPWebAppl...
11/19/2009 21:59:56.94* psconfigui.exe (0x09E0) 0x0C94 SharePoint Foundation Topology 7fa1 High ...ication.CreateDefaultInstance(SPWebService service, Guid id, String applicationPoolId, SPProcessAccount processAccount, String iisServerComment, Boolean secureSocketsLayer, String iisHostHeader, Int32 iisPort, Boolean iisAllowAnonymous, DirectoryInfo iisRootDirectory, Uri defaultZoneUri, Boolean iisEnsureNTLM, Boolean createDatabase, String databaseServer, String databaseName, String databaseUsername, String databasePassword, SPSearchServiceInstance searchServiceInstance, Boolean autoActivateFeatures)
I did some digging using reflactor. The GetUserPropertyFramAD is called by GetUserAccountControl and propertName is "userAccountControl". Obviously when the exception is thrown, the dictionary[propertyName] has a wrong index.
[DirectoryServicesPermission(SecurityAction.Assert, Unrestricted=true)]
internal static object GetUserPropertyFromAD(SPWebApplication webApplicaiton, string loginName, string propertyName)
{
string[] origUserAdProperties = new string[] { propertyName };
Dictionary<string, object> dictionary = GetUserPropertiesFromAD(webApplicaiton, loginName, ref origUserAdProperties);
if (dictionary == null)
{
return null;
}
return dictionary[propertyName];
}
internal static int GetUserAccountControl(string username)
{
string str;
string str2;
object obj2 = SPUtility.GetUserPropertyFromAD(null, username, "userAccountControl");
if ((obj2 != null) && (obj2 is int))
{
return (int) obj2;
}
SplitIntoServerAndUser(username, out str, out str2);
return (int) SPNetApi32.NetUserGetInfo1(str, str2).usri1_flags;
}