Error: -
Source:
Service Control Manager
Event ID: 7024
Task Category: None
Level: Error
User: N/A
Computer: Server
Event ID: 7024
Task Category: None
Level: Error
User: N/A
Computer: Server
Description:
The IIS Admin Service service terminated with service-specific error 2148073478 (0x80090006).
Event Xml:
http://schemas.microsoft.com/win/2004/08/events/event
">The IIS Admin Service service terminated with service-specific error 2148073478 (0x80090006).
Event Xml:
IIS Admin Service
2148073478 (0x80090006)
Symptom: -
Windows could
not start the IIS Admin Service on Local Computer.
World wide
service may or may not start.
System can not
find the file specified.
Cause and overview: -
The reason
IISADMIN fails to start in this scenario is because of a failure to decrypt
secure data (User ACLs, Passwords) in Metabase.xml file, and the connectivity
with MachineKeys. The MachineKey is a file that IIS uses to decrypt secure data
in the Metabase.xml. There can be many machine key files in machineKeys
directory, but the Machinekey for IIS starts with “c23”.
We can see
machinekeys in two locations:
The first
location which is well known: -
%ALLUSERSPROFILE%\Application
Data\Microsoft\Crypto\RSA\MachineKeys
The other
location:-
%windir%\Profiles\All Users\Application
Data\Microsoft\Crypto\RSA\MachineKeys
How to locate correct location for MachineKeys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell
Folders
And from this
path we can confirm the correct location for MachineKeys
Checks for resolution: -
1)
Make
sure we’ve a metabase.xml file at C:\windows\system32\inetsrv folder
2)
Make
sure we’ve a C23 MachineKey file at the location found in above path
3)
Ensure
we’ve necessary permissions as per http://support.microsoft.com/kb/278381/en-us
4)
If
you’ve only one instance, then check and make sure that the date on the key
matches the date from the time when IIS was installed on the server. If the
date is newer than the last IIS install date, then the MachineKey that was used
to encrypt the metabase got lost and you’d have to reinstall IIS (if you don’t
have the MachineKyes backup anywhere)
5)
Or
else you could look at the suffix of C23 key (the entire length that follow “_”
in the C23 key) and check if it is different from any of the suffixes for other
keys in the container. This means that the machineKey (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptographic\MachineGUID)
for the machine has changed since the IIS was last installed on the machine. If
you don’t have a second instance of the “C23” key, then replace the suffix of
the older key with the MachineGUID value found the the registry and delete the
newer key. You should be able to restart IIS admin at this point. Also remember
that this does not fix IISadmin service startup problem, but prevents the C23
duplicate issue from happening again (which might be the cause of IISAdmin
startup issue).
6)
Finally
if it does not help to get the service start then you can use MSConfig to
disable all the third party (Non-Microsoft) service and see if it help to get
the service start.
***Additional Recommendation
Ensure that you backup IIS with password
secure option on regular basis, you can use this copy to transfer as well. The
full procedure to perfrom that can be found here
Ensure that the machine keys are also
backed up in the full system backup jobs.
I have a problem in one node of exchange in starting IIS admin and no any backed up. please help
ReplyDelete