Error in Remote Web Access domain setup - SBS 2011 Essentials

Very strange problem occurring with a new SBS 2011 Essentials install, hoping someone has seen this before.

We are attempting to complete the domain setup wizard in the SBS dashboard.  We run the wizard and choose "I want to setup a new domain name", then "get a personalized domain name from microsoft", then enter our Windows Live credentials.  After clicking next, we get the following error:

the domain name was not setup for your server, wait a few minutes and run the wizard again.   An unexpected error or unknown problem occured.  Please wait a few minutes, and then try again.  

What seems to happen in the background is that the Windows Server Domain Name Management service crashes and I get the following 3 errors in the event log:

Log Name:      Application
Source:        .NET Runtime
Date:          14/03/2012 11:05:34 PM
Event ID:      1025
Task Category: None
Level:         Error
Keywords:      Classic
Application: SharedServiceHost.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Unhandled exception from operation:

Service type: Microsoft.WindowsServerSolutions.RemoteAccess.Domains.DomainProviderManager
Operation: [http://tempuri.org/] IDomainSignupManager.SetCredentials
Async: False
Parameters: 
   DomainNameRequest request
   DomainProviderCredentials credentials
   Boolean validate


System.IO.FileNotFoundException: Could not load msidcrl40.dll from C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll
   at Microsoft.WindowsServerSolutions.Identity.WindowsLive.ManagedIDCRL.Initialize(String proxy, Int32 version)
   at Microsoft.WindowsServerSolutions.RemoteAccess.Domains.WindowsLiveProviderBase.GetLiveRpsToken(DomainProviderCredentials credentials)
   at Microsoft.WindowsServerSolutions.RemoteAccess.Domains.WindowsLiveProviderBase.ValidateCredentials()
   at Microsoft.WindowsServerSolutions.RemoteAccess.Domains.DomainProviderManager.SetCredentials(DomainNameRequest request, DomainProviderCredentials credentials, Boolean validate)
   at SyncInvokeSetCredentials(Object , Object[] , Object[] )
   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
   at Microsoft.WindowsServerSolutions.Common.ProviderFramework.Internal.ExceptionScreener._ScreenForExceptions(GeneralInvoker invokeMe, Object instance, Object[] inputs, Object[]& outputs)
Stack:
   at System.Environment.FailFast(System.String, System.Exception)
   at Microsoft.WindowsServerSolutions.Common.ProviderFramework.Internal.ExceptionScreener._ScreenForExceptions(GeneralInvoker, System.Object, System.Object[], System.Object[] ByRef)
   at Microsoft.WindowsServerSolutions.Common.ProviderFramework.Internal.ExceptionScreener.Invoke(System.Object, System.Object[], System.Object[] ByRef)
   at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean)
   at System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(System.ServiceModel.Channels.RequestContext, Boolean, System.ServiceModel.OperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(System.ServiceModel.Channels.RequestContext, System.ServiceModel.OperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at Microsoft.WindowsServerSolutions.Common.ProviderFramework.Internal.AsyncResult`1[[Microsoft.WindowsServerSolutions.Common.ProviderFramework.Internal.InputChannelRequeuer`1+TryReceiveResult[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]], Sku, Version=6.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]].Complete(Boolean, System.Func`1<TryReceiveResult<System.__Canon>>)
   at Microsoft.WindowsServerSolutions.Common.ProviderFramework.Internal.CoalescingAsyncResult`1[[Microsoft.WindowsServerSolutions.Common.ProviderFramework.Internal.InputChannelRequeuer`1+TryReceiveResult[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]], Sku, Version=6.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]._MyCallback(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.FramingDuplexSessionChannel+TryReceiveAsyncResult.OnReceive(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.SynchronizedMessageSource+ReceiveAsyncResult.OnReceiveComplete(System.Object)
   at System.ServiceModel.Channels.SessionConnectionReader.OnAsyncReadComplete(System.Object)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Net.Security.NegotiateStream.ProcessFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest)
   at System.Net.Security.NegotiateStream.ReadCallback(System.Net.AsyncProtocolRequest)
   at System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32)
   at System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.ConnectionStream+ReadAsyncResult.OnAsyncReadComplete(System.Object)
   at System.ServiceModel.Channels.SocketConnection.AsyncReadCallback(Boolean, Int32, Int32)
   at System.Runtime.Fx+IOCompletionThunk.UnhandledExceptionFrame(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)



Log Name:      Application
Source:        Application Error
Date:          14/03/2012 11:05:36 PM
Event ID:      1000
Task Category: (100)
Level:         Error
Keywords:      Classic
Faulting application name: SharedServiceHost.exe, version: 6.1.1839.0, time stamp: 0x4d38a956
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x80131623
Fault offset: 0x000007ff00176c3e
Faulting process id: 0x20b8
Faulting application start time: 0x01cd026088c73238
Faulting application path: C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
Faulting module path: unknown
Report Id: 1dd64b2c-6e54-11e1-a9fe-e4115b1374f7



Log Name:      System
Source:        Service Control Manager
Date:          14/03/2012 11:05:37 PM
Event ID:      7034
Task Category: None
Level:         Error
Keywords:      Classic
The Windows Server Domain Name Management service terminated unexpectedly.  It has done this 10 time(s).



This happens over and over, no matter what I've tried.  There seems little on the web about anything similar.  Thanks in advance.
EnvisionTech Asked:
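
A way to check what the first event reports, as an added example that is not part of the original thread: this PowerShell collects the .NET Runtime 1025 events for SharedServiceHost.exe, pulls the DLL path out of the FileNotFoundException text, and tests whether that file is present, then counts the matching 7034 service crashes. The 7-day window and all variable names are assumptions; the syntax is kept compatible with PowerShell 2.0.

```powershell
# Added diagnostic example (not from the thread). Run in an elevated PowerShell on the server.
$since = (Get-Date).AddDays(-7)   # assumption: look back one week

# Event 1025 from ".NET Runtime" is the FailFast record shown in the question.
$crashes = @(Get-WinEvent -FilterHashtable @{
        LogName      = 'Application'
        ProviderName = '.NET Runtime'
        Id           = 1025
        StartTime    = $since
    } -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match 'SharedServiceHost\.exe' })

# Matches the line "Could not load <file> from <full path>" in the event text.
$pattern = 'Could not load (?<file>\S+) from (?<path>[A-Za-z]:\\[^\r\n]+)'

$crashes | ForEach-Object {
    if ($_.Message -match $pattern) {
        $path = $Matches['path'].Trim()
        New-Object PSObject -Property @{
            TimeCreated = $_.TimeCreated
            File        = $Matches['file']
            Path        = $path
            Exists      = (Test-Path -LiteralPath $path)   # False confirms the DLL is absent
        }
    }
} | Select-Object TimeCreated, File, Path, Exists | Format-Table -AutoSize

# Event 7034 is the Service Control Manager record of the service terminating.
$scm = @(Get-WinEvent -FilterHashtable @{
        LogName      = 'System'
        ProviderName = 'Service Control Manager'
        Id           = 7034
        StartTime    = $since
    } -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match 'Domain Name Management' })

"{0} FailFast event(s), {1} service termination(s) since {2}" -f $crashes.Count, $scm.Count, $since
```

An `Exists` value of `False` means the crash is a missing-file load failure on the server itself, independent of network or account state.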
Cliff Galiher Commented:
There are a few conditions that the wizard does not handle gracefully. One of the most common is a mismatch in time between the server and MS's servers when attempting to log into Windows Live (to prevent man in the middle attacks.)

You *must* make sure your time is accurate to within 5 minutes of an accurate world clock. You *must* also ensure your timezone is set correctly. If the clock "appears" right, but the timezone is wrong, then you are exactly an hour off, or two, or three....and the Live login will fail and the wizard crashes...

-Cliff
0
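
One way to measure the two conditions named in this answer, as an added example that is not part of the original thread: it samples the server's clock offset against an NTP source with `w32tm /stripchart`, compares the worst sample with the 5-minute limit, and prints the configured time zone next to the current UTC time. The NTP server name, sample count and variable names are assumptions.

```powershell
# Added example (not from the thread). Run on the SBS server itself.
$ntpServer      = 'pool.ntp.org'   # assumption: any reachable NTP source works
$maxSkewSeconds = 300              # "within 5 minutes" from the answer above

# /dataonly prints lines such as "23:05:34, +00.0123456s"; error lines carry no offset.
$raw = & w32tm.exe /stripchart /computer:$ntpServer /samples:3 /dataonly 2>&1

$inv = [Globalization.CultureInfo]::InvariantCulture
$offsets = @(foreach ($line in $raw) {
    if ("$line" -match ',\s*(?<off>[+-]\d+\.\d+)s\s*$') {
        [double]::Parse($Matches['off'], $inv)
    }
})

if ($offsets.Count -eq 0) {
    Write-Warning "No offset samples returned from $ntpServer; check that outbound UDP 123 is allowed."
} else {
    # Judge by the sample with the largest magnitude.
    $worst = $offsets | Sort-Object { [math]::Abs($_) } -Descending | Select-Object -First 1
    $tz    = [TimeZoneInfo]::Local

    New-Object PSObject -Property @{
        NtpServer     = $ntpServer
        WorstOffsetS  = [math]::Round($worst, 3)
        WithinLimit   = ([math]::Abs($worst) -le $maxSkewSeconds)
        UtcNow        = [DateTime]::UtcNow.ToString('u')
        TimeZoneId    = $tz.Id
        BaseUtcOffset = $tz.BaseUtcOffset
        DstActive     = $tz.IsDaylightSavingTime((Get-Date))
    } | Select-Object NtpServer, WorstOffsetS, WithinLimit, UtcNow,
                      TimeZoneId, BaseUtcOffset, DstActive | Format-List
}
```

A wrong time zone with a hand-set wall clock shows up here as an offset near a whole number of hours, which is the case the answer warns about.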
EnvisionTech (Author) Commented:
Hi Cliff,

Thanks for the info.  I've already checked out the time mismatch possibility and everything looks correct.  Timezone is correct and I did a sync to pool.ntp.org before trying the connection.  But still the same problem.
0
djolson Commented:
Greetings,

Not to hijack the thread, but I am experiencing the exact same issues.  I, too, have checked for any time mismatch; time and zone are correct.  Any updates on possible solutions would be most appreciated.

Edit to add question: is there a way to manually configure the domain and RWA, therefore bypassing the wizard?

DJ
0
EnvisionTech (Author) Commented:
Based on the lack of response, I kinda figured I was an anomaly, so it's good to hear that it's not just my setup.

I have yet to find a true solution; however, I did get around the problem by using the company domain and going through the wizard with that instead of using the Microsoft-provided domain and SSL cert.

If you set up your own domain with proper DNS records and get your own SSL certificate, then you can just go through the wizard, answer the questions and then import the SSL certificate.  In this scenario the wizard completes successfully for me.

One quick question for you based on a pure hunch.  Are you using a firewall or some sort of gateway protection device?  If so, what brand?
0
djolson Commented:
The wizard does nothing for me, besides crash at the same point as described in the OP.  Using a GoDaddy account, as that is what's recommended in the wizard.  GoDaddy tech support was very helpful in getting the SSL cert installed, but the wizard will not complete.  Hence, the domain is not set up and RWA will not connect.

Decided to try and at least get the server, domain and RWA working before installing the firewall; remove that from the equation for now.  The router is configured per MS instructions.

Wish there was some sort of a workaround here as the wizard obviously has some issues.  Anyone, anyone... Bueller, Bueller?
0
EnvisionTech (Author) Commented:
No better answers
0
Microsoft Server OS

Question has a verified solution.