Server Event Logs

  • Article

The tables in this section provide information about MBAM Server log event IDs.

Configuration

The following table contains messages and troubleshooting information for event IDs that can occur on the MBAM Server during configuration.

Event ID Source Event symbol Message Troubleshooting

103

Microsoft-Windows-MBAM-Server/Operational

VssRegistrationException

An exception was thrown during VSS registration.

104

Microsoft-Windows-MBAM-Server/Operational

VssDeregistrationException

An exception was thrown during VSS deregistration.

300

Microsoft-Windows-MBAM-Server /Admin

CmdletError

Failed in removing folder.

Indicates that a terminating error occurred while performing a task. Inspect other event messages in the log to further diagnose MBAM setup.

301

Microsoft-Windows-MBAM-Server /Admin

cmdletUnexpectedError

Unexpected Cmdlet error.

302

Microsoft-Windows-MBAM-Server /Admin

CmdletWarning

Cmdlet warning.

303

Microsoft-Windows-MBAM-Server/Operational

CmdletInformation

Cmdlet information.

Informational only; no troubleshooting required. The event indicates that a task is taking place by the Cmdlets such as enabling\disabling a feature or cancelling an operation.

400

Microsoft-Windows-MBAM-Server /Admin

ConfiguratorError

Configurator error.

Indicates that an error has occurred while launching the MBAM Configurator. Ensure that the user has adequate privileges to launch the MBAM Configurator.

401

Microsoft-Windows-MBAM-Server /Admin

ConfiguratorUnexpectedError

Unexpected Configurator error.

Indicates that a terminating error has occurred while performing an MBAM Configurator task. The error message will contain more details about the error. Inspect other error messages in the event log to further diagnose MBAM setup. Known errors include:

  • Failure to retrieve or validate a Certificate that was selected by the user

  • Failure to parse the Reports URL

  • Failure to open Event Logs for the user

402

Microsoft-Windows-MBAM-Server /Admin

ConfiguratorWarning

Configurator warning.

Indicates that an MBAM Configurator task is not complete as expected but did not fail completely. Known tasks include missing certificate in the LocalMachine\My store that was configured in the web application feature, or a timeout for a pending task.

410

Microsoft-Windows-MBAM-Server/Operational

ConfiguratorInformation

Configurator information.

Informational only; no troubleshooting required. The event indicates that a task is being invoked by the MBAM Configurator. Known tasks include:

  • Launching the configurator

  • Checking software prerequisites for an MBAM feature

  • Validating parameters for an MBAM feature

  • Enabling\disabling\committing an MBAM feature

  • Generating a PowerShell script from the configurator

500

Microsoft_Windows_MBAM_Server_Admin

WebProviderUnexpectedError

Web application provider unexpected error.

Indicates that an error has occurred while enabling and configuring an MBAM web site or web service in IIS. Known errors include:

  • Failure to find IIS WWW root folder

  • Failure to access IIS configuration in web.config due to malformed files or missing settings

  • Failure to create or remove a web application

  • IIS access violation

This error is also logged if MBAM cannot access Active Directory (AD) to validate user accounts. Verify that IIS is installed, correctly configured, and the IIS service is running. Verify that all the MBAM software prerequisite checks pass. Verify that the user has the correct permissions to create web applications on the IIS instance. Verify that the user has access to read user account objects in AD.

501

Microsoft-Windows-MBAM-Server /Admin

WebProviderError

Web application provider unexpected error.

Indicates that an error has occurred while enabling, disabling, or configuring an MBAM web site or web service in IIS. Known errors include:

  • Failure to read basic or WSHttp binding information from IIS

  • Missing identity section or DNS entry in identity section in IIS config files

  • Failure to open registry key HKLM\SOFTWARE\Microsoft\InetStp

  • Failure to read value PathWWWRoot from registry key HKLM\SOFTWARE\Microsoft\InetStp

  • User is trying to specify a virtual directory name with a reserved name for MBAM

Verify that IIS is installed and correctly configured. Verify that the registry key HKLM\SOFTWARE\Microsoft\InetStp:PathWWWRoot exists and accessible. Verify that the binding information in IIS is not corrupt.

502

Microsoft-Windows-MBAM-Server /Admin

WebProviderWarning

Web application provider warning.

Indicates that a non-terminating error has occurred while enabling an MBAM web site or web service. Known errors include:

  • Failure to access AD to validate the Service Principal Name (SPN) on the app pool account

  • Failure to validate SPN because it is assigned to multiple accounts in AD

  • Failure to register an SPN on the app pool account in AD

  • SPN is registered on an account other than the app pool in AD

  • Failure to remove SPN from the app pool account in AD during a rollback operation

  • Failure to check if the IIS_IUSRS group has been granted the logon as batch privilege on the IIS server

The event message will contain more information about the specific error. Verify that AD is reachable from the server where MBAM setup is running. Verify that the user who is running the MBAM setup has read permissions on the app pool account in AD. If an SPN is already registered on the app pool account in AD then make sure that it is not registered on other accounts.

503

Microsoft-Windows-MBAM-Server/Operational

WebProviderInformation

Web application provider information. {Description}

Informational only; no troubleshooting required. The event indicates that a task is being invoked by the MBAM Setup. Known tasks include getting IIS configuration such as binding information and root site, and configuring Service Principal Name (SPN).

600

Microsoft-Windows-MBAM-Server /Admin

SetupUnexpectedError

Unexpected setup error.

Indicates that a terminating error has occurred while enabling\disabling or configuring an MBAM feature. Known errors include:

  • Failure to rollback a task after an error

  • Failure to read from the registry

  • Failure to create or delete a folder in the file system

  • Failure to read SQL version information

  • Failure to register VSS writer in SQL

The event message will contain more information about the specific error. Verify that all MBAM software prerequisite checks pass. Make sure the MBAM registry path, if exists, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MBAM Server and all the subkeys are readable. Verify that AD is reachable from the server where MBAM setup is running. Verify that the user who is running the MBAM setup has read permissions in AD.

For a successful VSS writer registration, verify that a supported version of SQL is installed and an instance is accessible to the user who is running the MBAM setup. If disabling an MBAM feature or uninstalling MBAM verify that all files such as log files and web.config files are closed so MBAM can remove its web sites and web services.

601

Microsoft-Windows-MBAM-Server /Admin

SetupError

Setup error.

Indicates that a terminating error has occurred while enabling\disabling or configuring an MBAM feature. Known errors include:

  • Failure to read MBAM configuration in IIS

  • Corrupt appSettings section in IIS configuration or misconfigured settings

  • Failure to validate host name

  • Failure to read SQL version information

  • Failure to register VSS writer in SQL

The event message will contain more information about the specific error. Verify that IIS is installed and configured correctly. Verify that all MBAM software prerequisite checks pass. For a successful VSS writer registration, verify that a supported version of SQL is installed and an instance is accessible to the user who is running the MBAM setup.

602

Microsoft-Windows-MBAM-Server /Admin

SetupWarning

Setup warning.

Indicates that a non-terminating error has occurred while enabling\disabling or configuring an MBAM feature such as Configuration Manager (CM) Integration or MBAM web application. Known errors include: failure to delete MBAM Reports from SRS Role point in the CM, and failure to resolve a host name from the domain controller. The event message will contain more information about the specific error.

Verify that AD is reachable from the server where MBAM setup is running. Verify that the user who is running the MBAM setup has remove permissions on the SSRS instance that is configured as an SRS Role point in CM.

603

Microsoft-Windows-MBAM-Server/Operational

SetupInformation

Setup information.

Informational only; no troubleshooting required.

605

Microsoft-Windows-MBAM-Server /Admin

WebProviderSoftwareCheckFailure

Web application cannot be enabled because one or more software dependencies are not being met.

During MBAM web site/web service installation, MBAM setup verifies if necessary prerequisites are in place. This message indicates that MBAM failed to install the requested web site/web service as the necessary prerequisite is missing. Refer to error messages preceding this message to get more information about missing prerequisites.

606

Microsoft-Windows-MBAM-Server /Admin

SetupParameterValidationFailure

The parameter that is needed to enable the server feature was either not specified or it did not pass the validation.

Indicates that the parameter that is needed to configure an MBAM feature was either not specified or it did not pass the validation.

607

Microsoft-Windows-MBAM-Server /Admin

SetupParameterValidationFailureWithError

Error encountered while trying to validate specified parameter that is needed to enable the server feature.

Indicates that an error was encountered while trying to validate specified parameter that is needed to enable the server feature.

700

Microsoft-Windows-MBAM-Server /Admin

DbProviderUnexpectedError

DB provider unexpected error.

701

Microsoft-Windows-MBAM-Server /Admin

DbProviderError

DB provider error.

The message contained in the EventDetails section should provide more information about actual error. These are some of the areas to verify:

  • MBAM Setup failed to connect to Database using the provided connection information. Verify the connection string details provided to MBAM setup.

  • MBAM Setup could not connect to the given database using the supplied domain account credentials. Verify that domain account user name and password are valid.

  • MBAM Setup could not connect to the given database using the supplied domain account credentials. Verify that the provided domain account has necessary permissions in place to connect to MBAM database.

  • MBAM Dac pac will fail if a newer version of MBAM database is already installed. Verify that a new version of MBAM DBs does not exist on the given SQL server.

702

Microsoft-Windows-MBAM-Server /Admin

DbProviderWarning

DB provider warning.

703

Microsoft-Windows-MBAM-Server/Operational

DbProviderInformation

DB provider information.

Informational only; no troubleshooting required.

704

Microsoft-Windows-MBAM-Server /Admin

DbProviderDacError

An error occurred while deploying the Data-Tier Application.

MBAM packages its databases as data tier applications and tries to register them using Microsoft.SqlServer.Dac.DacServices. The error message in context is reported by DAC service. The event should contain detailed information about what caused it. Read the information in the error message to troubleshoot and fix the issue.

705

Microsoft-Windows-MBAM-Server /Admin

DbProviderDacWarning

A warning occurred while deploying the Data-Tier Application.

MBAM packages its databases as data tier application and tries to register them using Microsoft.SqlServer.Dac.DacServices. The warning message in context is reported by DAC service. The event should contain detailed information about what caused it. Read the information in the warning message to troubleshoot and fix the issue.

706

Microsoft-Windows-MBAM-Server/Operational

DbProviderDacInformation

A message was raised while deploying the Data-Tier Application.

Informational only; no troubleshooting required.

800

Microsoft-Windows-MBAM-Server /Admin

ReportProviderUnexpectedError

Report provider unexpected error.

Report provider unexpected error. {Description} {exceptionDetails} These are some of the possible exception details:

An error occurred while getting the name of directory '{directoryName}'

An exception occurred while getting files for directory '{directoryName}'

An exception occurred while enumerating directories in directory '{directoryName}'

An exception occurred while reading all bytes for file '{fileName}'

During MBAM installation, MBAM setup unzips all the report files to the specified installation path. As a part of report installation, install module tries to access the unzipped report files at installation path and communicates with SQL Reporting services to publish the report files. The above errors occur when MBAM cannot access the files/folders at unzipped Installation path. These are some tips to troubleshoot this issue:

  • Verify that MBAM is installed.

  • Verify that regkey HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MBAM Server\InstallationPath is present and accessible to the executing user.

  • Verify that Path to Report files under MBAM InstallationPath does not exceed 248 characters.

  • Verify that MBAM Setup folder or the files contained in MBAM Installation path has not been modified since installation.

  • Verify that user running the setup is authorized to read from/write to MBAM Installation folder.

Reporting Services connectivity failed.{exceptionDetails}

During MBAM reports installation, modules tries to communicate with SSRS web services to create folders and publish reports. The above message indicates that MBAM could not find or communicate with SSRS web services. These are some tips to troubleshoot this issue:

  • Verify that SSRS is installed on the specified machine.

  • Using SSRS console verify that SSRS is enabled and running.

  • Verify that user running the setup is authorized to access SSRS.

Failed to remove the MBAM Reports using Reporting Services instance URL '{SSRSInstanceUrl}'.Make sure the SSRS instance required for MBAM Reports is running and configured correctly.

When MBAM installation fails or When user disables MBAM Reporting features, setup module removes SSRS reports. The above message indicates that MBAM failed to remove SSRS reports. These are some tips to troubleshoot this issue:

  • Verify that SSRS is installed on the specified machine.

  • Using SSRS console verify that SSRS is enabled and running.

  • Verify that the user running the setup is authorized to access SSRS.

An error occurred while publishing reports.{exceptionDetails}.

During MBAM reports installation, modules tries to communicate with SSRS web services to create folders and publish reports. The above message indicates that SSRS web service reported and exception while publishing reports. These are some tips to troubleshoot this issue:

  • Using SSRS console verify that SSRS is enabled and running.

  • Verify that the user running the setup is authorized to access/publish reports to SSRS.

A policy for group user name '{userName}' already exists. In case this is not correct, manually revise the Reporting Service for duplicate or invalid policies.

After Publishing MBAM reports, MBAM setup tries to create a MBAM Report Users roles (if it does not exist already) and sets corresponding user policy. The above error indicates that SSRS web service threw an exception while setting up report user role policy. Follow the instructions in the event message and refer to "https://www.microsoft.com/technet/support/ee/transform.aspx?ProdName=SQL+Server+Reporting+Services&ProdVer=8.00&EvtID=rsInvalidPolicyDefinition&EvtSrc=Microsoft.ReportingServices.Diagnostics.ErrorStrings.resources.Strings&LCID=1033"; for more help.

An error occurred while validating access to SSRS {exceptionDetails}.

As part of prerequisite check, MBAM setup verifies if the user has necessary permissions to access/create folder under SSRS. The error message indicates that an exception has occurred while verifying access to SSRS. Refer to the exception details for debugging tips.

A SOAP error occurred while checking the SSRS URL.{exceptionDetails}

A web error occurred while checking the SSRS URL.{exceptionDetails}

An http/https error occurred while checking the SSRS URL.{exceptionDetails}

An error occurred while checking the SSRS URL.{exceptionDetails}

As part of prerequisite check, MBAM setup retrieves URLs associated with the supplied SSRS instance and tries to communicate with SSRS web service. The above error message indicates that SSRS web service at the given URL threw an exception, Refer to exception details for more information. These are some tips to resolve SSRS communication issues.

  • Verify that SSRS is installed on the specified machine.

  • Using SSRS console verify that SSRS is enabled and running.

  • Verify that the user running the setup is authorized to access SSRS.

An error occurred while retrieving the SSRS version. {exceptionDetails}

As part of prerequisite check, MBAM setup queries WMI to retrieve the version number associated to the supplied SSRS instance. The above error message indicates that an exception occurred while querying WMI. Refer to exceptionDetails for more information. These are some checks you can perform:

  • Verify that SSRS with given instance name is installed on the specified machine.

  • Using SSRS console verify that SSRS is enabled and running.

  • Verify that the user executing the setup is authorized to query SSRS class under WMI namespace.

The current user is not authorized to access the WMI namespace '{ssrsWMINamespace}'.

An error occurred while enumerating the namespace '{ssrsWMINamespace}'. RPC server for SSRS WMI provider on the local host is not found.

An error occurred while enumerating the namespace '{ssrsNamespace}'. Unable to find an instance of SSRS on the local host.

An error occurred while accessing WMI. RPC server for instance '{ssrsInstance}' was not found.

An error occurred while accessing WMI. Instance name '{ssrsInstanceName}' is not correct.

An error occurred while accessing WMI. Unable to find instance '{ssrsInstanceName}' on the local host.

As part of prerequisite check, MBAM setup queries WMI to retrieve WMI namespace associated to given instance. The above error message indicates that and exception was occurred while querying WMI. Refer to exceptionDetails for more information. These are some checks you can perform:

  • Verify that SSRS with given instance name is installed on the specified machine.

  • Using SSRS console verify that SSRS is enabled and running.

  • Verify that the user running the setup is authorized to access/query SSRS class under WMI namespace.

801

Microsoft-Windows-MBAM-Server /Admin

ReportProviderError

Report provider unexpected error.

Given the SQL server reporting services instance name, MBAM tries to find the WMI namespace corresponding to the reporting instance and connect to it. This error occurs if MBAM encounters an exception when MBAM searches for or tries to connect to SSRS WMI namespace. Read the information in the error messages logged in the MBAM setup channel before this message to get more details. Here are some things you can check:

  • Verify that SSRS with supplied instance name is up and running

  • Verify that the user account running MBAM installation has necessary permissions to query/connect to SSRS WMI namespace

802

Microsoft-Windows-MBAM-Server /Admin

ReportProviderWarning

Report provider warning.

803

Microsoft-Windows-MBAM-Server/Operational

ReportProviderInformation

Report provider information.

Informational only; no troubleshooting required.

900

Microsoft-Windows-MBAM-Server /Admin

CMProviderUnexpectedError

CM provider unexpected error.

Indicates that a terminating error has occurred while enabling\disabling or configuring the Configuration Manager (CM) Integration feature in MBAM. Known errors include:

  • Failure to connect to the CM site server via the SMS Provider

  • Failure to read from the registry

  • Failure to create or delete a folder in the file system

  • Failure to locate the Configuration Manager Console installation on the local machine

  • Failure to retrieve information for the SSRS instance that is configured as an SRS Role point in CM

The event message will contain more information about the specific error. Verify that all MBAM software prerequisite checks pass. Verify that the MBAM registry path, if exists, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MBAM Server and all the subkeys are readable. Verify that MBAM is being integrated with a supported version of Configuration Manager. Verify that the Configuration Manager Console is installed on the machine where the MBAM setup is being invoked and that the console can be used to connect to the target CM Site Server. Verify that a valid SSRS instance is configured as an SRS Role point in CM and that the user who is running the MBAM setup has read\write permissions on the SSRS instance.

901

Microsoft-Windows-MBAM-Server /Admin

CMProviderError

CM provider unexpected error.

Indicates that a terminating error has occurred while enabling\disabling or configuring the Configuration Manager (CM) Integration feature in MBAM. Known errors include:

  • failure to connect to the CM Site Server via the SMS Provider

  • failure to read from the registry

  • failure to create or delete a folder in the file system

  • failure to locate the Configuration Manager Console installation on the local machine

  • missing ConfigMgr folder in SSRS as the root folder for the SRS Role point reports

  • missing ConfigMgr shared data source in SSRS

  • failure to deploy SSRS reports in the SSRS instance that is configured as an SRS Role point in CM

  • failure to create Configuration Items and baselines in CM

The event message will contain more information about the specific error. Verify that all MBAM software prerequisite checks pass. Verify that the MBAM registry path, if exists, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MBAM Server and all the subkeys are readable. Verify that MBAM is being integrated with a supported version of Configuration Manager. Verify that the Configuration Manager Console is installed on the machine where the MBAM setup is being invoked and that the console can be used to connect to the target CM Site Server. Verify that the user has the required read\write permissions to create Configuration Items, Baselines, and Collections in CM. Verify that a valid SSRS instance is configured as an SRS Role point in CM and that the user who is running the MBAM setup has read\write permissions on the SSRS instance.

902

Microsoft_Windows_MBAM_Server_Admin

CMProviderWarning

CM provider warning.

Indicates that a non-terminating error has occurred while enabling the Configuration Manager (CM) Integration feature. Known errors include: failure to commit collection rules in the MBAM Supported Computers collection in CM, and other SSRS and network related errors.

The event message will contain more information about the specific error. Some operations that caused this warning are retired after the warning. If after several retries the error persists, then MBAM might end with an actual error. Inspect other event messages in the log to further diagnose MBAM setup.

903

Microsoft-Windows-MBAM-Server/Operational

CMProviderInformation

CM provider information.

Informational only; no troubleshooting required.

Operation

The following table contains messages and troubleshooting information for event IDs that can occur while MBAM is running.

Event ID Source Event Symbol Message Troubleshooting

1

Microsoft-Windows-MBAM-Web/Admin

WebAppSpnError

Application: {SiteName}{VirtualDirectory} is missing the following Service Principal Names (SPNs):{ListOfSpns} Register the required SPNs on the account: {ExecutionAccount}.

For Integrated Windows Authentication to succeed, necessary SPNs needs to be in place. This message indicates that the SPN required for MBAM application has not been correctly configured. Details contained in this event should provide more information.

See “Service Principal Name (SPN)” in MBAM 2.5 Server Prerequisites for Stand-alone and Configuration Manager Integration Topologies for more information.

4

Microsoft-Windows-MBAM-Web/Operational

PerformanceCounterError

An error occurred while retrieving a performance counter.

Message:{EventMessage}Category:{CategoryOfPerformanceCounter} Performance Counter:{NameOfPerformanceCounter} Instance:{Name of performance counter category instance} Exception:{ExceptionThrown}

Trace message will contain the actual exception message, some of which are explained here:

ArgumentNullException: This exception is thrown if the category, counter or instance of requested Performance counter is invalid.

System.InvalidOperationException: categoryName is an empty string ("").-or- counterName is an empty string("").

-or- The read/write permission setting requested is invalid for this counter.

-or- The category specified does not exist (if readOnly is true).

-or- The category specified is not a .NET Framework custom category (if readOnly is false).

-or-The category specified is marked as multi-instance and requires the performance counter to be created with an instance name.

-or-instanceName is longer than 127 characters.

-or-categoryName and counterName have been localized into different languages.

System.ComponentModel.Win32Exception: An error occurred when accessing a system API.

System.PlatformNotSupportedException: The platform is Windows 98 or Windows Millennium Edition (ME), which does not support performance counters.

System.UnauthorizedAccessException: Code that is executing without administrative privileges attempted to read a performance counter.

The message contained in the event will provide more details around the exception that was thrown. If a System.UnauthorizedAccessException was thrown, verify that MBAM execution account (app pool) has access to performance counter APIs.

100

Microsoft-Windows-MBAM-Web/Admin

AdminServiceRecoveryDbError

GetMachineUsers: An error occurred while getting user information from the database. Message:{message} -or-

GetRecoveryKey: an error occurred while getting recovery key from the database. Message:{message} -or-

GetRecoveryKey: an error occurred while getting user information from the database. Message:{message} -or-

GetRecoveryKeyIds: an error occurred while getting recovery key Ids from the database. Message:{message} -or-

GetTpmHashForUser: An error occurred while getting TPM hash data from the recovery database. Message:{message} -or-

GetTpmHashForUser: An error occurred while getting TPM hash data from the recovery database. Message:{message}-or-

QueryDriveRecoveryData: An error occurred while getting drive recovery data from the database. Message:{message}-or-

QueryRecoveryKeyIdsForUser: An error occurred while getting recovery key Ids from the database. Message:{message} -or-

QueryVolumeUsers: An error occurred while getting user information from the database.

This message is logged whenever there is an exception while communicating with the MBAM recovery database. Read through the information contained in the trace to get specific details about the exception.

For detailed troubleshooting steps, see the TechNet article How to Troubleshoot Connecting to the SQL Server Database Engine.

101

Microsoft-Windows-MBAM-Web/Admin

AdminServiceComplianceDbError

GetRecoveryKey: An error occurred while logging an audit event to the compliance database. Message:{message} -or-

GetRecoveryKeyIds: An error occurred while logging an audit event to the compliance database. Message:{message} -or-

GetTpmHashForUser: An error occurred while logging an audit event to the compliance database. Message:{message} -or-

QueryRecoveryKeyIdsForUser: An error occurred while logging an audit event to the compliance database. Message:{message} -or-

QueryDriveRecoveryData: An error occurred while logging an audit event to the compliance database. Message:{message}

This message is logged whenever there is an exception while communicating the MBAM compliance database. Read through the information contained in the trace to get specific details about the exception.

For detailed troubleshooting steps, see the TechNet article How to Troubleshoot Connecting to the SQL Server Database Engine.

102

Microsoft-Windows-MBAM-Web/Admin

AgentServiceRecoveryDbError

This message indicates an exception when MBAM Agent service tries to communicate with the recovery database. Read through the message contained in the event to get specific information about the exception.

See the TechNet article How to Troubleshoot Connecting to the SQL Server Database Engine to verify whether the MBAM app pool account has required permissions in place to connect or execute on MBAM recovery database.

103

Microsoft-Windows-MBAM-Web/Admin

AgentServiceError

Unable to detect client machine account or data migration user account. -or-

Account verification failed for caller identity.

Whenever a call is made to the "PostKeyRecoveryInfo", "IsRecoveryKeyResetRequired", "CommitRecoveryKeyRest", or "GetTpmHash" web methods on MBAM Agent services, it retrieves the caller context to obtain caller credentials. If the caller context is null or empty, the MBAM Agent service logs "Unable to detect client machine account or data migration user account."

The message "Account verification failed for caller identity " is logged if the web method is expecting the caller to a be computer account and the caller is not a computer account, or if the web method is excepting the caller to be a user account and the caller is not a user account or member of data migration group account.

104

Microsoft-Windows-MBAM-Web/Admin

StatusServiceComplianceDbConfigError

"The Compliance database connection string in the registry is empty."

This message is logged whenever the compliance db connection string is invalid.

Verify the value at the registry key HKLM\Software\Microsoft\MBAM Server\Web\ComplianceDBConnectionString

105

Microsoft-Windows-MBAM-Web/Admin

StatusServiceComplianceDbError

This error indicates that MBAM websites/web services were unable to connect to the MBAMCompliance database.

See the TechNet article How to Troubleshoot Connecting to the SQL Server Database Engine to verify that the IIS app pool account could connect to the MBAM compliance database.

106

Microsoft-Windows-MBAM-Web/Admin

HelpdeskError

The request to URL {url} caused an internal error. -or-

An error occurred while obtaining execution context information. Unable to verify Service Principal Name (SPN) registration. -or-

An error occurred while verifying Service Principal Name (SPN) registration.

Indicates that an unhandled exception has been raised in Helpdesk application. Review the log entries in the MBAM Admin operational channel to find the specific exception. –or-

During the initial Helpdesk website load operation, an SPN check is performed. To verify SPN, the Helpdesk requires execution account information, IIS Sitename, and ApplicationVirtualPath corresponding to Helpdesk website. This error message is logged when one or more of these is invalid or missing. –or-

This message indicates that a security exception is thrown while performing SPN verification. Refer to the exception contained in event details section.

107

Microsoft-Windows-MBAM-Web/Admin

SelfServicePortalError

An error occurred while getting recovery key for a user. EventDetails:{ExceptionMessage} -or-

An error occurred while obtaining execution context information. Unable to verify Service Principal Name (SPN) registration. EventDetails: User: {username Identity} Application:{SiteName\ApplicationVirtualPath} -or-

An error occurred while verifying Service Principal Name (SPN) registration. EventDetails:{ExceptionMessage}

Indicates that an unexpected exception was thrown when a request was made to retrieve recovery key. Refer to the exception message contained in event details section. If tracing is enabled on MBAM Helpdesk, refer to trace data to obtain detailed exception messages. –or-

During an initial load operation, the Self-Service Portal (SSP) retrieves execution account information, IIS Sitename, and ApplicationVirtualPath corresponding to the Self-Service website to verify SPN. This error message is logged when one or more of these is invalid. –or-

This message indicates that a security exception was thrown while performing SPN verification. Refer to the exception contained in event details section.

108

Microsoft-Windows-MBAM-Web/Admin

DomainControllerError

An error occurred while resolving domain name {DomainName}, A memory allocation failure occurred. -or-

Could not invoke DsGetDcName method. EventDetails:{ExceptionMessage}

To resolve Domain name, MBAM leverages "DsGetDcName" windows API. This message is logged when "DsGetDcName" returns "ERROR_NOT_ENOUGH_MEMORY" indicating a memory allocation failure. –or-

This message indicates that "DsGetDcName" API method is unavailable on the hosting system.

109

Microsoft-Windows-MBAM-Web/Admin

WebAppRecoveryDbError

An error occurred while reading the configuration of the Recovery database. The connection string to the Recovery database is not configured. Message:{message} -or-

DoesUserHaveMatchingRecoveryKey: an error occurred while getting recovery key Ids for a user. Message:{message} -or-

QueryDriveRecoveryData: an error occurred while getting drive recovery data. Message:{message} -or-

QueryRecoveryKeyIdsForUser: an error occurred while getting recovery key Ids for a user. Message:{message} -or-

An error occurred while getting TPM password hash from the Recovery database. EventDetails:{ExceptionMessage}

This message indicates that recovery database connection string information at "HKLM\Software\Microsoft\MBAM Server\Web\RecoveryDBConnectionString" is invalid. Verify the given registry key value. –or-

If any of the remaining messages are logged, refer to the troubleshooting steps listed at the TechNet article How to Troubleshoot Connecting to the SQL Server Database Engine to verify whether a connection could be made to the MBAM Recovery database from IIS server using app pool credentials.

110

Microsoft-Windows-MBAM-Web/Admin

WebAppComplianceDbError

An error occurred while reading the configuration of the Compliance database. The connection string to the Compliance database is not configured. -or-

GetRecoveryKeyForCurrentUser: an error occurred while logging an audit event to the Compliance database. Message:{message} -or-

QueryRecoveryKeyIdsForUser: an error occurred while logging an audit event to the Compliance database. Message:{message} -or-

QueryRecoveryKeyIdsForUser: an error occurred while logging an audit event to the compliance database. Message:{message}

This message indicates that compliance db connection string information at "HKLM\Software\Microsoft\MBAM Server\Web\ComplianceDBConnectionString" is invalid. Verify the value corresponding to above registry key. –or-

If any of the remaining messages are logged, refer to the troubleshooting steps listed at the TechNet article How to Troubleshoot Connecting to the SQL Server Database Engine to verify whether a connection could be made to the MBAM Compliance database from IIS server using app pool credentials.

111

Microsoft-Windows-MBAM-Web/Admin

WebAppDbError

These errors indicate one of the following two conditions

  • MBAM websites/webservices were unable to either connect to MBAMCompliance OR MBAMRecovery database

  • MBAM websites/webservices execution account(app pool account) could not run the GetVersion stored procedure on MBAMCompliance OR MBAMRecovery database

The message contained in the event will provide more details about the exception.

Refer to the troubleshooting steps listed at the TechNet article How to Troubleshoot Connecting to the SQL Server Database Engine to verify that the MBAM execution account (app pool account) could connect to MBAM compliance/recovery database and it has permissions in place to execute GetVersion stored procedure.

112

Microsoft-Windows-MBAM-Web/Admin

WebAppError

An error occurred while verifying Service Principal Name (SPN) registration. EventDetails:{ExceptionMessage}

To perform SPN verification, MBAM queries Active Directory to retrieve a list of SPNs mapped execution account. MBAM also queries the "ApplicationHost.config" to obtain MBAM website bindings. This error message indicates that MBAM could not communicate with Active Directory or it could not load the applicationHost.config file.

Verify that the execution account (app pool account) has permissions to query AD or the ApplicationHost.config file. Also verify the site binding entries in ApplicationHost.config file.

200

Microsoft-Windows-MBAM-Web/Operational

HelpDeskInformation

The administration website application successfully found and connected to a supported version of the Recovery database. -or-

The administration website application successfully found and connected to a supported version of the Compliance database.

Indicates successful connection to the Recovery/Compliance database from the MBAM Helpdesk website.

201

Microsoft-Windows-MBAM-Web/Operational

SelfServicePortalInformation

The Self-Service Portal application successfully found and connected to a supported version of the Recovery database. -or-

The Self-Service Portal application successfully found and connected to a supported version of the Compliance database.

Indicates successful connection to the Recovery/Compliance database from the MBAM Self-Service Portal.

202

Microsoft-Windows-MBAM-Web/Operational

WebAppInformation

Application has its SPNs registered correctly.

Indicates that the SPNs required for the MBAM Helpdesk website are correctly registered against the executing account.

Technical Reference for MBAM 2.5

Client Event Logs

Got a suggestion for MBAM?

For MBAM issues, use the MBAM TechNet Forum.