1. Home
  2. Categories
  3. Support
  4. The Server Is Not Operational

Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.

If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!

The Server Is Not Operational

  • A

    I recently rebuilt my ProgGet server (licensed ProGet basic), setting it up on IIS and serving the website over https://:443. As a part of the rebuild, I enabled Integrated Auth so we could use our windows accounts.

    Everything was working fine up until maybe a couple of hours ago when the server crashed while looking up an ADO so that I could assign permissions. As I re-opened the tab I found myself unable to login as "The Server Is Not Operational" errors appeared on the login.

    I tried what was listed here: https://forums.inedo.com/topic/1349/active-directory-authentication/2 with a service account but wasn't able to rectify it.

    What else can I do to diagnose this?

    0
  • atripp
    inedo-engineer

    Hello;

    This error indicates a problem communicating with the domain controller. There are a handful of reasons this error can happen, here are a few:

    • To many Domain/LDAP queries, were there any new applications deployed that may be overly chatty with AD?
    • A domain controller is offline, but still in the DNS or a change to the IP address. Have you deprecated or changed the IP address on any of your domain controllers recently?
    • Overall network communication errors.
    • Server requests are sent to a proxy prior to connecting to the server.
    • Incorrect certificate

    Thus, if you wait and just reboot the server, it just might go away.; otherwise, it might invovle inspecting some of the traffic between the servers. Even if you use our exact code, LDAP just returns the same error, unfortunately.

    Let us know what you find / try!

    0
  • A

    Hi @atripp ,

    Based on the options listed I don't think any of those would be an issue. We did retire one of our DCs, but I made sure to choose a valid one when I began setting it all up, and can verify the address of it. We don't have a proxy in place, and the cert I have used was verified before it was given to me.

    Rebooting didn't make this go away either. I switched it back to Network Service as the default, but still get the error. This is what Event Viewer has recorded:

    Event code: 4010 
Event message: An unhandled security exception has occurred. 
Event time: 11/9/2020 11:44:51 AM 
Event time (UTC): 11/9/2020 4:44:51 PM 
Event ID: af3bcc1e9e934c97b6f727944820e1d0 
Event sequence: 3 
Event occurrence: 1 
Event detail code: 0 
 
Application information: 
    Application domain: /LM/W3SVC/2/ROOT-1-132494135555642283 
    Trust level: Full 
    Application Virtual Path: / 
    Application Path: C:\Program Files\ProGet\Web\ 
    Machine name: PROGET 
 
Process information: 
    Process ID: 7884 
    Process name: w3wp.exe 
    Account name: NT AUTHORITY\NETWORK SERVICE 
 
Request information: 
    Request URL: https://proget-url:443/log-in?ReturnUrl=/administration 
    Request path: /log-in 
    User host address: 127.0.0.1 
    User: Anonymous 
    Is authenticated: True 
    Authentication Type:  
    Thread account name: NT AUTHORITY\NETWORK SERVICE 
 
Custom event details:

    and

    Event code: 3005 
Event message: An unhandled exception has occurred. 
Event time: 11/9/2020 11:41:43 AM 
Event time (UTC): 11/9/2020 4:41:43 PM 
Event ID: 9ac92bad88f74897af0715e1c1a1eab8 
Event sequence: 2 
Event occurrence: 1 
Event detail code: 0 
 
Application information: 
    Application domain: /LM/W3SVC/2/ROOT-1-132494135555642283 
    Trust level: Full 
    Application Virtual Path: / 
    Application Path: C:\Program Files\ProGet\Web\ 
    Machine name: CICD-PROGET 
 
Process information: 
    Process ID: 7884 
    Process name: w3wp.exe 
    Account name: NT AUTHORITY\NETWORK SERVICE 
 
Exception information: 
    Exception type: COMException 
    Exception message: The server is not operational.

   at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
   at System.DirectoryServices.DirectoryEntry.Bind()
   at System.DirectoryServices.DirectoryEntry.get_AdsObject()
   at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
   at System.DirectoryServices.DirectorySearcher.FindOne()
   at Inedo.Extensions.UserDirectories.ADUserDirectory.TryGetPrincipal(PrincipalSearchType searchType, String principalName)
   at Inedo.Extensions.UserDirectories.ADUserDirectory.TryGetAndValidateUser(String userName, String password)
   at Inedo.ProGet.WebApplication.ProGetHttpModule.ValidateUser(HttpApplication app, String userName, String password)
   at Inedo.Web.InedoHttpModule.AuthenticateRequestAsync(HttpApplication app)
   at Inedo.Web.InedoHttpModule.ProcessBegin(Object sender, EventArgs e, AsyncCallback cb, Object extraData)
   at System.Web.HttpApplication.AsyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

 
 
Request information: 
    Request URL: https://proget:443/nuget/companyIP/Packages()/$count?$filter=IsAbsoluteLatestVersion&semVerLevel=2.0.0 
    Request path: /nuget/companyIP/Packages()/$count 
    User host address: 127.0.0.1 
    User:  
    Is authenticated: False 
    Authentication Type:  
    Thread account name: NT AUTHORITY\NETWORK SERVICE 
 
Thread information: 
    Thread ID: 13 
    Thread account name: NT AUTHORITY\NETWORK SERVICE 
    Is impersonating: False 
    Stack trace:    at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
   at System.DirectoryServices.DirectoryEntry.Bind()
   at System.DirectoryServices.DirectoryEntry.get_AdsObject()
   at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
   at System.DirectoryServices.DirectorySearcher.FindOne()
   at Inedo.Extensions.UserDirectories.ADUserDirectory.TryGetPrincipal(PrincipalSearchType searchType, String principalName)
   at Inedo.Extensions.UserDirectories.ADUserDirectory.TryGetAndValidateUser(String userName, String password)
   at Inedo.ProGet.WebApplication.ProGetHttpModule.ValidateUser(HttpApplication app, String userName, String password)
   at Inedo.Web.InedoHttpModule.AuthenticateRequestAsync(HttpApplication app)
   at Inedo.Web.InedoHttpModule.ProcessBegin(Object sender, EventArgs e, AsyncCallback cb, Object extraData)
   at System.Web.HttpApplication.AsyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
 
 
Custom event details:

    I can validate that my DC is correct. At this point I can't login anymore to get into the administration to do anything. Because I enabled AD the Admin account wont work...

    Would removing the Active Directory rows in SQL fix my issue? I want to get rid of this setting so I can start over and figure out where it went wrong.

    0
  • rhessinger
    inedo-engineer

    Hi @arozanski_1087,

    The errors you are showing here looks like a failure connecting to AD as a whole. One cannot connect to teh AD server at all, which indicates the server is not operational, a bad AD certificate, or a your DNS server still has a the IP address listed for your old domain controller tied to your local domain url (ex: mydomain.local).

    The other error message shows a login error for network service. This could need the Set-SPN operation ran to give the server access to the domain, or you need to sepcify the login credentials in the AD settings.

    You can reset your selected user directory back to the built in one using the resetadminpassword operation from the Service executable. You can then correct the issue and switch it back to your LDAP directory.

    Thanks,
    Rich

    0
  • A

    Afternoon Rich,

    I did some more digging after I reset the admin password to see what caused my random issue. It turns out to not be the SPN or the domain controller being inactive.

    The source was definitely the AD connection though. The domain I was using did not have LDAPS set up yet (I mistakenly thought that it was), and me selecting LDAPS checkbox in AD settings caused it to break and lock me out of the server. No fun. I've since fixed that issue and everything looks like it is working as expected.

    Thank you for your help on this issue.

    0
  • rhessinger
    inedo-engineer

    Hi @arozanski_1087,

    Thanks for following up with us. I'm glad you got this working! Please don't hesitate to reach out if you have any other questions for us.

    Thanks,
    Rich

    0
Log in to reply
 
Inedo Website HomeSupport HomeCode of ConductForums GuideDocumentation