For those struggling to get their BHOLD SP1 demo working in a Windows 2008 R2 64-bit environment, I’ve recently run into two critical errors I thought I would blog about as they took me and my colleague Stefan Buchman some hair pulling time to work through. As this is a bleeding edge release, there isn’t much in the way of public information about others running into these errors so I thought I’d blog their fixes in case others were struggling.

This blog should be read in conjunction with getting an infrastructure or demo scenarios working from this link:  http://technet.microsoft.com/en-us/library/jj134107(v=ws.10).aspx.  Also, you have to be meticulous and methodical in following the installation guidance from Microsoft as there is quite a lot of pre-requisite software that has to be installed onto all of the FIM R2 Sp1 servers in order for the BHOLD installation to succeed.

Issue 1: Application Pools not starting on your FIM Service & Portal server during BHOLD SP1 FIM Integration MSI install

Both Stefan and I recently ran into an issue installing the BHOLD FIM Integration MSI file onto our FIM Service & Portal server.  We were seeing a problem where the MSI would launch a custom action to run an executable called:  ‘FIMCustomization.exe’.  This executable runs a command window which promptly crashes, returning a non-zero exit code to the MSI and therefore terminating and rolling back the installation.  We were noticing two things occurring during this MSI install:

1.  The MSI installation in real-time creates a web application locally to the FIM Portal server in IIS Manager called ‘BHOLD’ under port 5151, then immediately tries to call a ‘BHoldRoleExchangePoint.svc’ file that’s hosted in that new web application (locally to the FIM portal server)

2. IIS Manager reports an issue where the Application Pool cannot start for the new BHOLD application and then stops the web application.  This is noticeable in the Event Viewer (App Log) with an issue similar to this (click to expand):

AppPool issue

This is what causes the MSI installation to fail and rollback during install.

Stefan determined that putting the following entry into the following file fixed the issue.

1.  On the FIM Portal (SharePoint 2010 Foundation) server, locate the file: C:\Windows\System32\inetsrv\config\applicationHost.config

2. Search for the string: ‘SPNativeRequestModule’ and add to end of the sentence: preCondition=”bitness64″  before the end text ‘/>’

The final beginning and end string value should look similar to:

<add name=”SPNative RequestModule” image=…<edit>… spnativerequestmodule.dll” preCondition=”bitness64″ />

This fixed issues where Application Pools were not starting correctly due to an incorrect x86/x64 architecture.  I’m sure an expert SharePoint developer would be able to tell you why in more detail!   Note: This fix is alluded to in the Microsoft Release Notes for BHOLD SP1 but it states that it applies to Windows Server 2012 only.  However, it looks like it impacts Server 2008 R2 as well (thanks to Dan Thom for the spot!).

Issue 2:  Cross Domain Silverlight issue after successful FIM Integration MSI file installation

By default, the BHOLD installation for the BHOLD SP1 FIM Integration MSI file installs the link for the ‘BHOLD Self Service Portal’ with only the hostname of the FIM service portal.  In some situations we saw, this causes an issue with Silverlight not running the BHOLD self-service portal as it detects a ‘cross domain’ issue with the link and does not display the content for security reasons

The link is displayed off the FIM Portal here: (click to zoom):

BHOLD self service link

By adding in the full FQDN of the new BHOLD site in the following file fixes the issue.

1. On the FIM Portal server, open the file with Notepad.exe:  C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\template\layouts\BHOLD\Self service.aspx

2. Locate the string:  value=”RoleExchangePoint=http://:5151/BHOLD/RoleExchangePoint …..<etc>

and add in the full FQDN to the server so that the value reads:

value=RoleExchangePoint=http://<FQDN of your FIM Portal server>:5151/BHOLD/RoleExchangePoint….

Example, if was ‘FIMPortal’, and your FIM portal server has a FQDN of ‘FIMPortal.Fabrikam.com’, then the value becomes:

value=RoleExchangePoint=http://FIMPortal.Fabrikam.com:5151/BHOLD/RoleExchangePoint…

By performing a test of the ‘BHOLD Self Service Portal’ link, there should be no ‘cross domain’ Silverlight errors interfering with the portal displaying correctly.

Hope this helps future installations!

Michael Pearn

Let me know by the form below if you have any questions about getting a BHOLD SP1 lab or environment built:

Category:
FIM, Identity and Access Management
Tags:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: