Friday, 29 November 2019

SharePoint Application Pool is getting restarted again and again


After doing a Password Reset Activity in our environment, SharePoint Server is given service unavailable sometimes. When we refresh the page, it starts working but after some time it again gives Service Unavailable. 
So, the issue is that SharePoint is getting down again and again by itself. 
After doing research we come to know that Application pool (let’s call App_Pool1) of the faulty web application (let’s call it https://webapp.company.com)is getting restarted again and again on one of the WFE server let’s call it wfe1. While the same was working fine on other servers. So, we can say there is some issue with the wfe1 server only. 

So, we concentrated on WFE1. After research we noticed that the Application pool "App_Pool1" is restarting again and again also it has some different properties from other server’s application pool such as "Enable 32-Bit Applications".  On WFE1 server, this property is set to True, while on other servers it is set to false. When we tried to set this value as false for this server as well the application pool was not stopping but the site https://webapp.company.com was stopped and giving some internal error.  

Solutions we tried - 
1.       We already tried to copy the web config of other wfe server to this server but it did not worked. 
2.       We changed the Property "Enabled 32-Bit Applications" of Application pool on WFE1 server to False same as other servers. Now application pool was not stopping again and again but it also did not work just the error was changed. And https://webapp.company.com was completely down. 
3.       So, we conclude that there is some issue with Application pool. We tried to reset the password for this application pool identity, we set the password again but again it failed to work properly. 
4.       We tried to change the application Pool Identity but again it did not work. 
5.       We checked IIS logs and SharePoint logs but could not find any much information from there. 
6.       So now we decided to change the Application Pool for the Web Application as we were not able to identify anything, and we had no other option. For running below code, we used the Faulty server WFE1. 
a.       So, we created a new application pool with below powershell code (executed on all the servers) with same Identity as old application pool. 
asnp *SharePoint* -ErrorAction SilentlyContinue 
$WebAppURL = "https://webapp.company.com" 
$NewAppPoolName = "AppPool_Webapp” 
$NewAppPoolUserName = "Domain\username" 
$Farm = Get-SPFarm 
$Service = $Farm.Services | where {$_.TypeName -eq "Microsoft SharePoint Foundation Web Application"} 
$Password = Read-Host -Prompt "Please enter your password" -AsSecureString 
$NewAppPool = New-Object Microsoft.SharePoint.Administration.SPApplicationPool($NewAppPoolName,$Service) 
$NewAppPool.CurrentIdentityType = "SpecificUser" 
$NewAppPool.Username = $NewAppPoolUserName 
$NewAppPool.SetPassword($Password) 
$NewAppPool.Provision() 
$NewAppPool.Update($true) 
b.       Now we configured our faulty Web application https://webapp.company.com to use the new application pool that is "AppPool_Webapp" using below code. 
asnp *SharePoint* -ErrorAction SilentlyContinue 
$WebAppURL = "https://webapp.company.com" 
$NewAppPoolName = "AppPool_Webapp" 
$NewAppPool = $Service.ApplicationPools[$NewAppPoolName] 
$WebApp = Get-SPWebApplication $WebAppURL 
$WAAppPool = $WebApp.ApplicationPool = $NewAppPool 
$WebApp.Update() 
$WebApp.ProvisionGlobally() 
c.       After running the defined code in 6.b section on WFE1 server. We got below error message - 
 
Exception calling "ProvisionGlobally" with "0" argument(s): "Filename: \\?\C:\Windows\system32\inetsrv\config\applicationHost.config 
Line number: 375 
Error: Can not log on locally to C:\inetpub\wwwroot\wss\VirtualDirectories\webapp.company.com443 as user Domain\username with virtual directory password 
" 
At line:6 char:1 
+ $WebApp.ProvisionGlobally() 
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException 
    + FullyQualifiedErrorId : COMException 
d.       The same code worked fine on all the other server in the environment. So as the issue was occurring on only once server that was faulty, so we started working on the same issue on Server WFE1.
                     i.            We checked access to both the locations, both locations had the required access. 
                   ii.            We opened the file applicationHost.config from the given location C:\Windows\system32\inetsrv\config\applicationHost.config and checked the given line defined in the error message – 375. 
                 iii.            This file seems to be the configuration file that is used to connect to different services of the web application, that is configured in IIS Logs. This file contains the configuration settings for virtual directory and other services that will be used the a given web application. 
                 iv.            Here I noticed that the given line contains a User name and password, where password was in encrypted format and user name was same as the application pool identity. This file was last modified on a long time ago by someone manually after comparing this file on other servers we noticed that this file is not same on all the servers (while it should be same as it’s a system file). The user name or password was defined for only this one application while there were details of other web application’s configuration also. On the other server there was such no username or password. (Please see the screen shot) 


                   v.            So it seems for some reason or any testing purpose may be this file is updated by someone and they hard coded the user name and password in this configuration file. Because if it was done by system or SharePoint service it must be same in all the SharePoint farm servers, but this was not the case so I just removed the UserName and password tags from the line as saved this file. And our web application started working. So, check the below configuration setting as defined - 
Search for <Site name="Your Application name" id ="ApplicationIDserverAutoStart="true"> 
Now check the <Virtualdirectory path="/" physicalpath ="path defined in the error message> and remove user name and password from the same line as per the below comments. 
Old line -  
<virtualDirectory path="/" physicalPath="C:\inetpub\wwwroot\wss\VirtualDirectories\webapp.company.com443" userName="Domain\UserName" password="[enc:AesProvider:dnm3i3ahncJOGWEIYGxyyA4zVVV5HYjFA2tDQP+go7qHyZWHXtz6dGwgIcsyyKNRhmvYcdsTlsTkXFUpLQyqsw==:enc]" /> 


New line -  
<virtualDirectory path="/" physicalPath="C:\inetpub\wwwroot\wss\VirtualDirectories\webapp.company.com443" />