General Network Problems
.jpg)
General Network Problems
If your Microsoft® .NET Passport site is having problems that are difficult to pinpoint, scan the following sections for an issue that most closely matches the issue that you are experiencing. If you cannot find a match for your problem, see Advanced Troubleshooting.
I am attempting to make changes to my sites CCD, but I keep running into problems.
You must never edit the Component Configuration Document (CCD), or, more specifically, Partner2.xml. It is used by the .NET Passport network servers to ensure that your site has all of the latest configuration updates. Editing it will cause your site to function incorrectly and with unpredictable results. The CCD is designed to receive updates from the .NET Passport network only. Do not set this document to read-only or set file permissions that prevent it from being overwritten.
My CCD never seems to be refreshed.
Check to see whether there are firewalls that prevent outbound or inbound HTTPS. Passport Manager requests the CCD as XML through the HTTPS protocol, using port 443. If this is not possible on your server, it may be necessary to introduce a staging system, where a computer that bridges the firewall is specified as a file share and is enabled to refresh the CCD. The refresh can happen at specified intervals, or the computer can also be Passport Manager-enabled so that the refresh happens as needed. The computer's file share can then be specified as the CCDLocalFile in the Passport node of the registry, and servers behind the firewall can then share that configuration and still remain behind the firewall.
Checking your CCD file periodically (to see if any additions have been made to core profile attributes) is recommended. Locate the Partner2.xml document (the default installation location is in the %SystemRoot%\system32\MicrosoftPassport directory) and open it in your servers Microsoft® Internet Explorer browser to view the configuration attributes. Check the file date. Check the Passport Manager events to see if a CCD refresh event has been detected recently.
The "Passport Manager Object Misconfigured" error message is displayed on my Web site pages.
If the error message "Passport Manager object misconfigured" appears on any of your .NET Passport Web site pages, it is probably due to an incorrect registry key value, or to missing or corrupted encryption keys. Try reloading the page once; there are occasionally lingering configuration issues that appear only the very first time that a Passport Manager object is initiated on a server. If the error appears again, see the following:
- Check the values using the Passport Manager Administration utility and verify that all configuration values are correct.
- The encryption keys that you received at registration may have to be reinstalled on your Web server if you have recently reinstalled the .NET Passport Software Development Kit (SDK).
- Verify that you are following the instructions provided with the key installation program.
When the client browser returns to my site, an "f=6" is attached to the query string.
If you experience this issue, either the Passport Manager object on your Web server is configured to be in stand-alone mode, or the .NET Passport Login server cannot reach its own Secure Sockets Layer (SSL) pages and cannot write the Ticket-Granting cookie. Neither the .NET Passport network servers nor the Passport Manager object will write cookies and the user will not be signed in.
Check to see if the Passport Manager object is configured to be in stand-alone mode. If it is, turn stand-alone mode off to see if the .NET Passport server can be reached. If the same results occur, there is a problem on the .NET Passport network. For more information, see Advanced Troubleshooting. Other "f=" values in the query string also indicate a possible .NET Passport network problem.
New XML CCD documents fail to load when the IIS Service is restarted.
To begin the background CCD reload process, a browser must request a page containing an instance of the Passport Manager object after reloading the Passport dynamic-link library (DLL) or stopping and starting the Microsoft® Internet Information Services (IIS) Web server.
The following command line is not sufficient to force the Passport Manager DLL to reload.
net stop w3svc
Starting and stopping the IIS Administration service in Microsoft Management Console will also not force the DLLs to reload. Use the following command line instead to reload the DLLs or terminate the IIS process.FakePre-bf2e1f457b734f0fbdaacb4725dadadc-a65f054b98bb490d8fbe12ebed6bc5f8 The CCD refresh procedure will not occur until a Passport Manager object is actually loaded into memory. Access a known Passport Manager-calling page on your site in order to trigger the refresh.
See Also