Error installing on multiple servers (MasterKey creation)

Nov 30, 2010 at 9:21 PM

Hey!

We are in the process of using your script for a multi server farm.

We are installing all features, except Search and User Profile.

The first server install went fine - no problems
Now we run it on the second server - exact same setinput.xml file.

And we get the following error:

- WSS Usage Application exists, continuing...
- Creating Secure Store Service...
 - Secure Store Service Application exists, continuing...
 - Creating the Master Key...
Update-SPSecureStoreMasterKey : The request channel timed out while waiting for
 a reply after 00:00:54.7651310. Increase the timeout value passed to the call
to Request or increase the SendTimeout value on the Binding. The time allotted
to this operation may have been a portion of a longer timeout.
At E:\SP2010\AutoSPInstaller\AutoSPInstaller.ps1:1294 char:33
+          Update-SPSecureStoreMasterKey <<<<  -ServiceApplicationProxy $secure
Store.Id -Passphrase "$FarmPassPhrase"
    + CategoryInfo          : InvalidData: (Microsoft.Offic...eStoreMasterKey:
   SPUpdateSPSecureStoreMasterKey) [Update-SPSecureStoreMasterKey], TimeoutEx 
  ception
    + FullyQualifiedErrorId : Microsoft.Office.SecureStoreService.PowerShellCm
   dlet.SPUpdateSPSecureStoreMasterKey
 
 - Creating the Application Key...
 - Setting the unattended account for Performance Point Services...
- Done creating/configuring Secure Store Service.



Uhh?

Hope somebody can help - pretty lost here ;-)

 

Coordinator
Dec 1, 2010 at 3:31 PM

Hmm the only time I've seen something like this is when my VM is really bogged down or low on memory (I even added some code in that section to re-try creating the Application Key). However if you're seeing this on a physical server with plenty of RAM/CPU then it would require some more investigation...

Brian

Dec 1, 2010 at 8:15 PM

Hey Brian

Had some time today to nail it down - The servers are on VM's, it's on our POC environment to test out your script :-) so maybe it has something to do with this.
But I think it is a common senario to use your script in a POC environment, to set up a Sharepoint farm real quick - so here are my findings ;-)

Well I sorta worked it out - looked thrue some of the other discussions here on codeplex, and figured out that I maybe should add a second attemp in the script - like:


Write-Host -ForegroundColor White " - Creating the Master Key..."
Update-SPSecureStoreMasterKey -ServiceApplicationProxy $secureStore.Id -Passphrase "$FarmPassPhrase"
If (!$?)
{
  ## Try again...
  Write-Host -ForegroundColor White " - Creating the Master Key (2nd attempt)..."
  Update-SPSecureStoreMasterKey -ServiceApplicationProxy $secureStore.Id -Passphrase "$FarmPassPhrase"
}

And so - the next time I ran it - first try failed - second attempt worked!
Problem solved...

I found another interesting thing.
On the first server we installed on - everthing runs fine.

On the second, third etc. server, the install script goes fine (with the above addition) - but for some reason, the SPTimerV4 job isn't started!
I tried this something like 5 times now, and everytime we install it on secondary servers in a farm - the timer services isn't started.
I found this becaus after the scripts ends, and Central Admin wizard is launched, when I click Start the Wizard -> Next, the page just haaaaaaangs until some 2 hour timeout.

So I added this to your script, just before launching Central Admin:

#Region Check SPTimerV4
## Check to see if the SPTimerV4 job is running - and if not - starts it
## This can happen if this is the second+ server in a farm...
Write-Host -ForegroundColor White "- Checking status of SPTimerV4 Windows Service... "
$srvName = "SPTimerV4"
$servicePrior = Get-Service $srvName
Write-Host -ForegroundColor White ("    - Status is: " + $servicePrior.status)
If ($servicePrior.status -eq "Stopped")
{
	Write-Host -ForegroundColor White ("- Starting " + $srvName)
	Start-Service $srvName
}

$serviceAfter = Get-Service $srvName
Write-Host -ForegroundColor White ("    - Status now is: " + $serviceAfter.status)
#EndRegion


So, this just checks if the crusial timer services is running, and if not - starts it.
Don't know if anybody has experienced this?

Thanks for a greate job on the script - it awsome.

Coordinator
Dec 2, 2010 at 3:26 AM

Nice chunk of script for checking the timer service buuutt I think we need to get to root cause, i.e. why isn't the service started, or rather, does it start, then stop? Or never start at all?

Very strange, and as you can probably guess it's the first I've seen of it. Actually no wait... I saw something like this very recently, where the client's domain policy was set to only permit certain accounts the "Log on as a service right", and of course the SharePoint farm account wasn't one of those privileged accounts. So the service would start, run for a while, then mysteriously stop (when the group policy refreshed). Anyhow not sure if that matches your scenario but just thought I'd mention it anyhow.

Brian

Dec 7, 2010 at 11:04 AM

Hey Brian

I see what you mean - but the strange thing is, that these servers are absolutely identical (aside the computername), so there is no GPO or otherthing stopping the service from starting.
And the timer service starts fine on the first server, and fails on all secondary.

It's never started - but starting it manual works fine (or doing it in the scripts works fine too)

Jesper

Dec 10, 2010 at 2:52 PM

Hey guys,

Just to let you know...the way I got the key creation to work consistently is to put the script to sleep for 30 seconds before running it.  Some previous process seems to be hanging it up.

Thanks,

-Ryan