SharePoint Experts, Information Architects, Expert Witness

We provide consulting in a broad array of business and technology from architecture to design to deployment of global systems with a focus on surfacing data in the enterprise. Specialists in Microsoft, we are a premier provider of SharePoint Expertise (including 2016 and Office 365). We also provide Expert Witness/Legal Expert in eDiscovery, source discovery, patent infringement, piracy and more! We also have established SICG DLDS s.a. - our counterpart in Costa Rica that specializes in water systems (http://www.crwatersolutions.com) - Contact me direct: david_sterling@sterling-consulting.com or call 704-873-8846 x704.

Search This Blog

Friday, May 2, 2014

SP13: Security Token Service is not available

As may be reported by the Health Analyzer or as a message in the System Event Application Log:

The SharePoint Health Analyzer detected a condition requiring your attention.  The Security Token Service is not available.
The Security Token Service is not issuing tokens. The service could be malfunctioning or in a bad state.
Administrator should try to restart the Security Token Service on the boxes where it is not issuing tokens. If problem persists, further troubleshooting may be available in the KB article. For more information about this rule, see "http://go.microsoft.com/fwlink/?LinkID=160531".

This indicates that the SharePoint Web Services Root application pool is stopped. Open Internet Information Services (IIS) Manager, expand server then click on Application Pools – right click on the SharePoint Web Services Root and select Start:



Other possible causes:
The Security Token Service hasn’t been provisioned
1.       Login to a SharePoint server as the Farm Account
2.       Open the SharePoint 2013 Management shell using Run as administrator
3.       Enter in the following commands:
$sts = Get-SPServiceApplication | ?{$_ -match "Security"}
$sts.Status
$sts.Provision()

Incorrect Authentication Settings in IIS
1.       Open Internet Information Services (IIS) Manager
2.       Expand the Sites folder
3.       Expand the SharePoint Web Services folder
4.       Click on the SecurityTokenServiceApplication to select it
5.       In the Features pane in the IIS section, double click on Authentication
6.       Right click on Forms Authentication and select Disable (for SharePoint,only Windows and Anonymous access should be enabled for tokens and the claims service to work correctly)

Bad data in the Web.config File
Check the web.config file in the site for errors (use Windiff to compare to a working web.config) and/or remove any manual changes that may have been made.

3 comments:

alasdaircs said...

Brand new SharePoint 2013 SP1 install on Windows Server 2012 R2, and I needed this. Thanks.

mansuri.isteyaq said...

Not working

David M. Sterling said...

As mentioned in 2016, you should check your permissions (CA > Web Applications > Web Application > User Policy). The internal server error is generally due to a) not having set user policy, b) no access to the site(s) by the Application Pool Account or c) a database error (usually permissions). If none of that helps, look at the accounts running the services (services.msc).