Wednesday, October 17, 2012

SHAREPOINT 2010 ERROR: "Cannot start service SPAdminV4 on computer '.'." error on SharePoint configuration wizard

It always repeats itself! Jeez!! Why!! Arrrrggghhhhhhh!!!
We can't run away from it. We can only hope 20 years up the line from now that SharePoint will stop giving us hair-tearing problems for no apparent known reason. I mean we are just on our own thinking everything is fine and we get that problem that almost makes you feel like you really don't know this thingy.

Let me let you in on the back story. I have this development server was just fine and good. Then I travelled on a vacation that was really long and sweet, and I basically returned with a little more flesh around my middle region. I mean, that means I had a groovy vacation. Ok, I'm sorry, I lied. It wasn't really a vacation, it was an official assignment that felts so good just like a vacation. I still remember the good times of it even now.

So, here I am, and then my boss says, "Hey James, um, please can you kindly send me the URL for the development server Central Admin?" So, just before I send it, I figured, um, let me just check it before sending it on, pretty normal cyclic redundancy check (crc) of every geek's brain, right? Well, it took forever, and it never came up, and after what feels like eternity, I get a pop-up asking me to setup central admin by running Configuration Wizard. I went like "What!" And then I checked some stuffs and I finally had to do the unthinkable, configure again. Well, it just went from fail, fail, to more fails and fails. Then I get this log entries and messages that's the title of this blog.

This entry is for those environments with the June 2012 CU for SharePoint 2012.  This patch causes CRL (Certificate Revocation List) checks to be enforced, which in turn affects some native functionality of SharePoint AdminV4 service. 
When running the SharePoint Product Configuration Wizard, the configuration will fail with the following error:

Failed to create the configuration database.
An exception of type System.InvalidOperationException was thrown.  Additional exception information: Cannot start service SPAdminV4 on computer '.'.

In order to bypass the CRL Check for SPAdminV4 service start-up, the following steps need to be completed on each SharePoint server.
·         Add a new computer policy which alters the options for retrieving certificate validation on a network
·         Add host file entries into the local computer host file

To do this:

  • Click on Start-Run
  • Type in "gpedit.msc" and click "OK"
  • Expand Computer Configuration --> Windows Settings --> Security Settings --> Public Key Policies
  • In the Public Key Policy window displayed on the right pane, double-click "Certificate Path Validation Settings"

  • Click on the "Network Retrieval" tab
  • Check the box "Define these policy settings"
  • Uncheck "Automatically update certificates in the Microsoft Root Certificate Program (recommended)" and "Allow issuer certificate (AIA) retrieval during path validation (recommended"
  • Click on "OK"

·         Close out of gpedit.msc console.

·         Click on Start --> Run
·         Type in "C:\Windows\System32\Drivers\Etc" and click "OK"
·         Double-click the file "Hosts"
·         Select "Notepad" as the program to open the file
·         Insert the following lines into the hosts file

Save file and exit notepad (you may encounter a little problem here saving the host file depending on your system's security hardness, a good way if you cant save the host file back to the ETC folder is to copy it out from the secure path to your desktop, modify it as it is and copy it back to overwrite the original). If you have gone this far in SharePoint, that shouldn't be a problem to you, it's pretty simple to workaround.
Problem solved.