Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Monday, September 17, 2018 9:03 PM
Good Afternoon SharePoint pros. I have been battling with this for over a week. I cannot get my User Profile Synchronization service to start. I have done everything I can think of to my farm including following the wonderful post at http://www.harbar.net/articles/sp2010ups.aspx . Still my UPS won't start. The problem is that my Forefront Identity Manager service does not start.
I checked and I have the correct permissions under Local Security Policy, Domain Replicate Directory Changes permissions, my farm account is a local admin, I have re-created the User Profile Service Application from scratch
When I reboot the server and the FIM service tries to start I get the following entry in my Application Log:
ERROR 1
.Net SqlClient Data Provider: System.Data.SqlClient.SqlException: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)
at Microsoft.ResourceManagement.Data.DatabaseConnection.Open(SqlConnection connection)
at Microsoft.ResourceManagement.Data.DatabaseConnection.Open(DataStore store)
at Microsoft.ResourceManagement.Data.TransactionAndConnectionScope..ctor(Boolean createTransaction, IsolationLevel isolationLevel, DataStore dataStore)
at Microsoft.ResourceManagement.Data.TransactionAndConnectionScope..ctor(Boolean createTransaction)
at Microsoft.ResourceManagement.Data.DataAccess.RegisterService(String hostName)
at Microsoft.ResourceManagement.Workflow.Hosting.HostActivator.RegisterService(String hostName)
at Microsoft.ResourceManagement.Workflow.Hosting.HostActivator.Initialize()
at Microsoft.ResourceManagement.WebServices.ResourceManagementServiceHostFactory.CreateServiceHost(String constructorString, Uri[] baseAddresses)
at Microsoft.ResourceManagement.WindowsHostService.OnStart(String[] args)
ERROR 2
The Forefront Identity Manager Service could not bind to its endpoints. This failure prevents clients from communicating with the Web services.
A most likely cause for the failure is another service, possibly another instance of Forefront Identity Manager Service, has already bound to the endpoint. Another, less likely cause, is that the account under which the service runs does not have permission to bind to endpoints.
Ensure that no other processes have bound to that endpoint and that the service account has permission to bind endpoints. Further, check the application configuration file to ensure the Forefront Identity Manager Service is binding to the correct endpoints.
ERROR 3
Service cannot be started. System.Data.SqlClient.SqlException: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)
at Microsoft.ResourceManagement.WindowsHostService.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
ERROR 4
.Net SqlClient Data Provider: 2 : : System.Data.SqlClient.SqlException: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)
at System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)
at System.Data.SqlClient.SqlConnection.Open()
at Microsoft.ResourceManagement.Data.DatabaseConnection.Open(SqlConnection connection)
When I try to start the Forefront Identity Manager Synchronization Service I get the following errors in the System Log:
The server encountered an unexpected error and stopped.
"BAIL: MMS(17296): sql.cpp(252): 0x80040e4d
BAIL: MMS(17296): storeimp.cpp(234): 0x80040e4d
ERR: MMS(17296): server.cpp(373): Failed to connect to the database on SPServer (why is this not my SQL Server name, I don't know! Is listing my SharePoint server name. This is dev, so it lives in a single server plus sql on a separate box)
BAIL: MMS(17296): server.cpp(374): 0x8023043f (Service start up has failed. A connection to SQL Server could not be established because of an authentication failure.)
BAIL: MMS(17296): server.cpp(3860): 0x8023043f (Service start up has failed. A connection to SQL Server could not be established because of an authentication failure.)
BAIL: MMS(17296): service.cpp(1539): 0x8023043f (Service start up has failed. A connection to SQL Server could not be established because of an authentication failure.)
ERR: MMS(17296): service.cpp(988): Error creating com objects. Error code: -2145188801. This is retry number 0.
BAIL: MMS(17296): clrhost.cpp(283): 0x80131022
BAIL: MMS(17296): scriptmanagerimpl.cpp(7670): 0x80131022
BAIL: MMS(17296): server.cpp(251): 0x80131022
BAIL: MMS(17296): server.cpp(3860): 0x80131022
BAIL: MMS(17296): service.cpp(1539): 0x80131022
ERR: MMS(17296): service.cpp(988): Error creating com objects. Error code: -2146234334. This is retry number 1.
BAIL: MMS(17296): clrhost.cpp(283): 0x80131022
BAIL: MMS(17296): scriptmanagerimpl.cpp(7670): 0x80131022
BAIL: MMS(17296): server.cpp(251): 0x80131022
BAIL: MMS(17296): server.cpp(3860): 0x80131022
BAIL: MMS(17296): service.cpp(1539): 0x80131022
ERR: MMS(17296): service.cpp(988): Error creating com objects. Error code: -2146234334. This is retry number 2.
BAIL: MMS(17296): clrhost.cpp(283): 0x80131022
BAIL: MMS(17296): scriptmanagerimpl.cpp(7670): 0x80131022
BAIL: MMS(17296): server.cpp(251): 0x80131022
BAIL: MMS(17296): server.cpp(3860): 0x80131022
BAIL: MMS(17296): service.cpp(1539): 0x80131022
ERR: MMS(17296): service.cpp(988): Error creating com objects. Error code: -2146234334. This is retry number 3.
BAIL: MMS(17296): service.cpp(1002): 0x80131022
Forefront Identity Manager 4.0.2450.51"
Any help is appreciated, again I have tried the steps here: http://www.harbar.net/articles/sp2010ups.aspx
Thank you!
OT
OT
All replies (11)
Monday, October 22, 2018 7:13 PM ✅Answered
Thank you Matthew,
Got my issue resolved, what happen is that we had just deprecated the TLS 1.0 protocol so everything was running in TLS 1.1 and 1.2. What happen is that the Sql Server 2008 Native client does not support TLS 1.2 by default. Must install a hotfix (see bottom of this forum: https://social.technet.microsoft.com/Forums/en-US/ae5f7810-ddef-4ed7-8003-357c694239f1/userprofileapplicationsynchronizemiis-failed-to-configure-miis-post-database?forum=sharepointgeneralprevious)
The hot fix for the Native client is here: https://support.microsoft.com/en-us/help/3135244/tls-1-2-support-for-microsoft-sql-server.
Once I installed the hot fix I deleted my service application. Then I recreated the service application but it would still not work. Finally just to be on the safe side I did the following:
**1. Stop the UPSA with the cmdlet below: **
stsadm -o provisionservice -action stop -servicetype “Microsoft.Office.Server.Administration.ProfileSynchronizationService, Microsoft.Office.Server.UserProfiles, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c” -servicename FIMSynchronizationService
2. Under windows services I re-enabled the FIM and FIMS services (Auto/delayed)
2. Stopped the timer service
3. Cleared the config cache (instructions here: https://blogs.msdn.microsoft.com/josrod/2007/12/12/clear-the-sharepoint-configuration-cache/)
4. Started the Timer Service
3. Delete the FIM certs
**4. Delete the current User Profile Service Application Proxy from central admin > Manage service applications **
5. Created new proxy
6. Started UPSS
7. Bingo!!!
I hope this helps someone else. Thank you all for your help!!!
OT
OT
Wednesday, September 19, 2018 10:03 AM
Hi OT,
Thank you for your question.
We are currently looking into this issue and will give you an update as soon as possible.
Thank you for your understanding and support.
Best regards,
Grace Wang
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.
Wednesday, September 19, 2018 11:07 AM
1. Stop User profile service and User profile sync service on ALL SharePoint servers in the farm
Clear timer config cache (http://support.microsoft.com/kb/939308)
Deleted the Pending timer job related to the UPA sync service provisioning using Central Administration->Monitoring->check job status
Ensure security token service has only windows and anonymous enabled ( from IIS Manager->SharePoint web services->Security token service->Authentication (under IIS))
On the SharePoint server access the registry editor and ensure that the information related to FIM (database server name, sync DB name etc ) are properly populated, if found wrong, back up the registry key and edit the values to reflect the right information.
HKLM\system\currentcontrolset001\services\FIMservice
HKLM\system\currentcontrolset002\services\FIMservice
HKLM\system\currentcontrolset\services\FIMservice
Delete all FIM related certificates from the certificate store ( for account and system). Ensure that no FIM related certificate is listed in any folders when looked at the certificate manager.
From Central Administration->Application Management->Manage service application, Ensure the User profile service application and its proxy is started, If it is stopped, recreate them taking necessary backups (my sites)
Start User profile service. Once the service is started, try starting the User profile sync service from the central administration site
Thanks Ravikant Chaturvedi
Wednesday, September 19, 2018 3:53 PM
Thank you Ravikant, I'm giving this a try. The first thing I run in to is that in the registry the entry for the database server and the database name are set to "provided by settingsprovider.dll". Do you all know of a way to change the settings in the "settingsprovider.dll" file and where it is located?
Also, my "My sites" is disabled in all my farms. Do I need to re-enable it in order to setup the UPS correctly?
Thank you!
OT
OT
Wednesday, September 19, 2018 4:37 PM
Thanks for the list of steps Ravikant, Unfortunately no go. The two problems I'm noticing are:
1. My FIM and FIMS services won't start due to issues contacting the SQL server. When I try to start the FIMS manually I get an error stating that the SQL server was unreachable and under the SQL Server Name I'm getting the SP Server name, I'm not sure where to change that.
2. When I start the User Profile Synchronization Service in a healthy farm, it automatically grabs the FIM Service and starts it. In this farm, when I start the UPSS the FIM service stays off and it won't start. Somewhere there is a disconnect between the UPSS and FIM service.
I wonder if there is way to re-install the FIM and FIMS services... Another log entry I get is that the "FIM" service is unable to bound to its endpoints.
Madness!!!
Thanks!
OT
PS. This is a dev all in one farm , except I have SQL on a separate server.
OT
Thursday, September 20, 2018 9:33 AM
Hi OT,
Please check the following steps:
1. To Verify the connection information has been configured properly, go to
Win+R > regedit.exe->HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FIMSynchronizatioService\Parameters.
Check and change the Server Property should to the name of the SQL Server.
2. For the error “Description: The Forefront Identity Manager Service could not bind to its endpoints.” you need to configure some steps below on Active Directory:
- Add “Replicate Directory Changes” permission.
- Add account to “Pre-Windows 2000 Compatible Access” group.
- Grant Replicate Directory Changes permission on the cn=configuration container.
More detailed information refer to the article:
https://nhutcmos.wordpress.com/tag/forefront-identity-manager-service/
Best regards,
Grace Wang
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.
Wednesday, September 26, 2018 9:52 AM
Hi,
My client is experiencing the same issue.
Could I ask, what version of SharePoint and SQL are you on?
My client is on:
| 15.0.5059.1000 | August 2018 CU |
and
SQL 2008-R2 Standard Edition, SP2 (10.50.4000).
I'm wondering whether the SharePoint CU has broken compatibility with this older version of SQL? (Just one line of enquiry).
Friday, September 28, 2018 5:58 PM
Hey there. I'm on SQL 2012, SP Farm Version: 15.0.5059.1000 - August 2018CU.
Thanks!
DM
OT
Monday, October 8, 2018 4:29 PM
Just thought I would check back in because I solved the problem for my client.
The Timer Service Instance on the APP server had gone into a Disabled state, which meant the User Profile Sync service wasn't being started.
Following the directions given here I was eventually able to get the service started:
Tuesday, October 23, 2018 1:16 AM
Hi OT,
Thanks for your sharing.
You can mark your post as answer to help other community members to find the information quickly.
Have a nice day!
Best regards,
Grace Wang
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.
Thursday, November 29, 2018 4:06 PM
Thank you Grace.
OT
OT