Thursday, October 6, 2011

System.Runtime.InteropServices.COMException (0x800703FA)

For one of our customers we have a SharePoint 2010 site up and running with two zones; one with plain old ntlm authentication for administrative use, the other zone uses forms authentication with claims using an Active Directory membership provider.

The servers are all running Windows 2008 R2 SP1. After a couple of days I couldn’t log-in none of the user accounts were accepted with some generic message “the server cannot log you in…”

The ULS log shows the following error message:


Password check on ‘user@domain.com' generated exception: 'System.Runtime.InteropServices.COMException (0x800703FA): Retrieving the COM class factory for component with CLSID {080D0D78-F421-11D0-A36E-00C04FB950DC} failed due to the following error: 800703fa. at System.Web.Security.DirectoryInformation.GetADsPath(String dn) at System.Web.DataAccess.ActiveDirectoryConnectionHelper.GetDirectoryEntry(DirectoryInformation directoryInfo, String objectDN, Boolean revertImpersonation)at System.Web.Security.ActiveDirectoryMembershipProvider.ValidateUserCore(String username, String password) at System.Web.Security.ActiveDirectoryMembershipProvider.ValidateUser(String username, String password) at Microsoft.SharePoint.IdentityModel.SPFormsUserNameSecurityTokenHandler.ValidateToken(SecurityToken token)'.

 

 

 

 

 

 

 

 

Well, after some digging I found this forum post Error with SP.SPRequest COM object where Paul Andrew points to a WCF hotfix. However I’m running 2008R2 SP1, which has this fix included…

Then the next option was documented here: CLSID {BDEADEE2-C265-11D0-BCED-00A0C90AB50F} failed due to the following error: 800703fa and look toward the end the comment by PankajSoni.

Ok, I checked the app-pool of the site, and of-course, the value for "Load User Profile" was already set to to "true", no luck here either.

Then I realized that I’m using the internal STS of SharePoint, since I’ve setup for claims based authentication and this service uses its separate application pool:

SecurityTokenServiceApplicationPool

Set the “Load User Profile” here to True and your troubles will dissipate…

Posted by Hans Sissing at 4:38 PM
Labels: ,

1 comment:

  1. m_clipMarch 25, 2013 at 5:50 AM

    Nice post, just helped me think about an issue I was dealing with for Office Web Apps.

    ReplyDelete

Subscribe to: Post Comments (Atom)