PSA: SharePoint 2010 Claims Based Web Apps on Win 2008R2 Pre-SP1 Blown Up with Recent Security Fix

Friday, January 11, 2013 3:25 PM

Little public service announcement. What follows applies to the following scenario:

  • SharePoint 2010 Web Application configured as a Claims Based Authentication (CBA)
  • Running on a Windows Server 2008 R2 without Service Pack 1 (if you have SP1, you’re ok)

Were things working fine for you but then all the sudden when you try to login all the sudden you get the ASP.NET yellow screen of death telling you the following:

Exception: System.ServiceModel.ServiceActivationException: The service ‘http://..:#####/SecurityTokenServiceApplication/securitytoken.svc’ cannot be activated due to an exception during compilation.

And when you dig a little further you see the inner exception is:

Method not found: ‘System.String System.ServiceModel.Activation.Iis7Helper.ExtendedProtectionDotlessSpnNotEnabledThrowHelper(System.Object)’

What’s up? Ends up there was a security hotfix (KB2756920) that was installed on January 9, 2013 (if you had auto updates turned on) that caused this error. One fix is apparently to install Service Pack 1 but the other fix is to uninstall that hotfix and restart the machine.

comments powered by Disqus