Forefront Identity Manager 2010 Portal Error: System.Net.WebException: The remote name could not be resolved

Before I re-energised my blog I’d been thinking about what to post about. One of the things I’ve noticed is that prescriptive guidance for specific errors is sorely lacking presently. My plan was to blog about every error and solution I came across in development and deployment, as well as anything fully resolved on the forum. Of course I forgot to note down several so this has taken a bit of a backseat however one of my colleagues hit a nice layer-8 issue today that will be the first of many that I hope to cover.

The user-friendly error was the standard “Service not available” error. This doesn’t tell us much, so the first thing we must do is get the real error. Thomas Vuylsteke has published the step-by-step instructions on the TechNet wiki: How to Configure Detailed Error Pages for the FIM Portal. Follow the instructions in that article to configure detailed error pages for the FIM Portal. When done, regenerate the error (i.e. load the portal as the user who failed again) and see the real error.

In my colleague’s case he’d installed FIM and could not logon to the portal as the account that installed the FIM Service. He also couldn’t logon via NTLM. Once he’d enabled detailed error pages the solution was pretty obvious. Here is the full error:

The remote name could not be resolved: 'http' 
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 
Exception Details: System.Net.WebException: The remote name could not be resolved: 'http' 
Source Error: 
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. 
Stack Trace: 
[WebException: The remote name could not be resolved: 'http'] 
 System.Net.HttpWebRequest.GetRequestStream(TransportContext& context) +1003 
 System.Net.HttpWebRequest.GetRequestStream() +23 
 System.ServiceModel.Channels.WebRequestHttpOutput.GetOutputStream() +124 
[EndpointNotFoundException: There was no endpoint listening at http://http/ResourceManagementService/MEX that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.] 
 System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) +10257978 
 System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) +539 
 System.ServiceModel.Description.IMetadataExchange.Get(Message request) +0 
 Microsoft.ResourceManagement.WebServices.MetadataClient.Get(String dialect, String identifier) +236 
 Microsoft.ResourceManagement.WebServices.Client.SchemaManagerImplementation.RefreshSchema() +68 
 Microsoft.ResourceManagement.WebServices.ResourceManager.get_SchemaManager() +150 
 Microsoft.ResourceManagement.WebServices.ResourceManager..ctor(String typeName, LocaleAwareClientHelper localePreferences, ContextualSecurityToken securityToken) +35 
 Microsoft.IdentityManagement.WebUI.Controls.ConfigurationModelBase.RetrieveResources(String type, String filter, List`1 attributes) +168 
[ServerDownException: Error connecting to server] 
 Microsoft.IdentityManagement.WebUI.Controls.ConfigurationModelBase.RetrieveResources(String type, String filter, List`1 attributes) +1171 
 Microsoft.IdentityManagement.WebUI.Controls.PortalUIConfigurationModel.RetrievePortalUIConfiguration() +269 
 Microsoft.IdentityManagement.WebUI.Controls.PortalUIConfigurationModel.get_PortalUI() +118 
 Microsoft.IdentityManagement.WebUI.Controls.PortalUIConfigurationModel.get_BrandingLeftImageUrl() +16 
 Microsoft.IdentityManagement.WebUI.Controls.BrandBar.get_BrandTable() +117 
 Microsoft.IdentityManagement.WebUI.Controls.BrandBar.CreateChildControls() +32 
 System.Web.UI.Control.EnsureChildControls() +146 
 System.Web.UI.Control.PreRenderRecursiveInternal() +61 
 System.Web.UI.Control.PreRenderRecursiveInternal() +224 
 System.Web.UI.Control.PreRenderRecursiveInternal() +224 
 System.Web.UI.Control.PreRenderRecursiveInternal() +224 
 System.Web.UI.Control.PreRenderRecursiveInternal() +224 
 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3394 

In the case of the above the solution is straight-forward enough. On the “Configure FIM Service and Portal: Configure connection to the FIM Service” wizard page of the FIM Service & Portal setup the FIM Service Server address had been specified as a URL, e.g. http://idweb.contoso.com. A simple mistake. The correct format is the unqualified or qualified hostname, e.g. idweb or idweb.contoso.com.

Further validation can be made by inspecting the configuration file. Open the following file (assuming a default installation):

C:\Program Files\Microsoft Forefront Identity Manager\2010\Service\Microsoft.ResourceManagement.Service.exe.config

Within the <configuration> </configuration> section you’ll find two elements: resourceManagementClient and resourceManagementService:

<resourceManagementClient
resourceManagementServiceBaseAddress=idweb />

<resourceManagementService
externalHostName=idweb />

Note the resourceManagementServiceBaseAddress and externalHostName properties. In our case these were http://idweb whereas they should have been idweb.

How to fix? The correct way is to rerun setup and choose a Change installation type. When prompted enter the correct name without an HTTP or HTTPS prefix, i.e. enter simply the hostname.

Advertisements

About Paul Williams

IT consultant working for Microsoft specialising in Identity Management and Directory Services.
This entry was posted in FIM, FIM 2010, Troubleshooting and tagged , , , , , , , , , . Bookmark the permalink.

2 Responses to Forefront Identity Manager 2010 Portal Error: System.Net.WebException: The remote name could not be resolved

  1. Thanks Paul for excellent research.

    I encountered the same error today. When I tried to open the FIM portal (http://abc.com/IdentityManagement/), the browser redirected to the URL http://abc.com/_layouts/MSILM2/ErrorPage.aspx?ErrorCode=3000 and a message Service not available displayed. I looked at Forefront Identity Manager Service in the Service console and realized that it was not started. I tried to start it but failed in conjunction with a popup (Windows could not start the Forefront Identity Manager Service service on Local Computer).

    I re-changed password of FIM service account and then now it works well. One of the things should be a lesson for those who get this error is to check Account Lockout Policy. The reason is that when the FIM service account communicates to with FIMService database, if a connection somehow is disrupted, FIM service account will try to connect to FIM service database and then after 3 times (depending on Account Lockout policy), the FIM service account is blocked and the Forefront Identity Manager Service account is forced to stop. Make sure the credential of FIM service account is valid and it is not blocked before enabling CallStack, customerrors and investigating more.

    -T.s

  2. Pingback: “Service not available” displaying on FIM Portal |

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s