from:http://blogs.technet.com/b/sharepoint_-_inside_the_lines/archive/2013/06/23/404-amp-401-errors-with-the-app-management-service.aspx

I recently was testing out the configuration of the App Management Service in SharePoint 2013.  For the most part I followed the TechNet article on the steps but because I like to create scripts I can share with customers I did the configuration in PowerShell.  Below is the script which not only creates the App Management Service but also the Subscription Service which is required by the App Management Service.  (If you use this script make sure you setup your service accounts as managed accounts first)  I also like to get my DNS Forward Lookup Zone and wildcard CNAME alias created before running the script in case the AD/DNS guys have any changes they want to suggest.

To setup the DNS forward lookup zone and wildcard CNAME alias I followed the TechNet article I already referenced but in case you are following this post instead of that I’ll quickly rehash it.  First, open DNS then right click Forward Lookup Zoneand click New Zone.  When going through the wizard click Next to start it then select Primary Zone and click Next.  Then choose if it is at the Forest or the Domain, in my case it doesn’t matter so I chose Domain and then click Next.  Next you will provide a name for your zone (CampBushnellApps.lcl – This will become the $AppDomain variable in the script below).  Once that’s done I use the defaults through the rest of the wizard and click Finish to create.

Now I can create the wildcard CNAME alias.  To do so I select the newly created forward lookup zone and right click and select new Alias (CNAME).  In the New Resource Record window I type * for the Alias Name and the WFE FQDN for the FQDN field (in this case SPWeb2013.campbushnell.lcl).  If I wanted to use a load balanced URL (DNS A Record) instead I could do that instead of pointing directly at the WFE.  This can work great for abstracting the server name or in the case that I have multiple WFEs.  

Now that the DNS side of the house is configured, I run my script…  (The first section of the scripts I write I always setup my variables for use in the script which is great for multiple farms)

#Create Variables

write-host 0. Setup Variables

$AMAcct = Get-SPManagedAccount "campbushnell\svcSPApps" #App Management Service Account

$SSAcct = Get-SPManagedAccount "campbushnell\svcSPSubscript" #Subscription Settings Service Account

$SubServiceName = "Subscription Settings Service"

$AppServiceName = "App Management Service"

$SubDBName = "SubscriptionSettingsServiceDB"

$AppDBName = "AppServiceDB"

$AppSvr = "SPApp2013"

$AppDomain = "CampBushnellApps.lcl"

$AppPrefix = "apps"

#Start the Subscription Settings Service and App Management Service

write-host 1. Subscription Settings Service and App Management Service

$SubServiceInstance = get-SPServiceInstance -server $AppSvr | ?{$_.TypeName -eq "Microsoft SharePoint Foundation Subscription Settings Service"}

Start-SPServiceInstance -Identity $SubServiceInstance

$AppServiceInstance = get-SPServiceInstance -server $AppSvr | ?{$_.TypeName -eq "App Management Service"}

Start-SPServiceInstance -Identity $AppServiceInstance

#Create Subscription Settings Service App Pool

write-host 2. Configure Subscription Settings Service App Pool

$appPoolSubSvc = New-SPServiceApplicationPool -Name $SubServiceName-"AppPool" -Account $SSAcct

#Create Subscription Settings Service App

write-host 3. Configure Subscription Settings Service App

$appSubSvc = New-SPSubscriptionSettingsServiceApplication –ApplicationPool $appPoolSubSvc –Name $SubServiceName –DatabaseName $SubDBName

#Create Subscription Settings Service App Proxy

write-host 4. Configure Subscription Settings Service App Proxy

$proxySubSvc = New-SPSubscriptionSettingsServiceApplicationProxy –ServiceApplication $appSubSvc

#Create App Management Service App Pool

write-host 5. Configure App Management Service App Pool

$appPoolAppSvc = New-SPServiceApplicationPool -Name $AppServiceName-"AppPool" -Account $AMAcct

#Create App Management Service App

write-host 6. Configure App Management Service App

$appAppSvc = New-SPAppManagementServiceApplication -ApplicationPool $appPoolAppSvc -Name $AppServiceName -DatabaseName $AppDBName

#Create App Management Service App Proxy

write-host 7. Configure App Management Service App Proxy

$proxyAppSvc = New-SPAppManagementServiceApplicationProxy -ServiceApplication $appAppSvc

#Configure App URLs

write-host 8. Configure App URLs

Set-SPAppDomain $AppDomain

Set-SPAppSiteSubscriptionName -Name $AppPrefix -Confirm:$false

On occasion I have had step 8 of my script fail because SharePoint is still provisioning the service application and cannot setup the URLs.  In those cases I simply manually setup the required variables and rerun the two lines of code for step 8.  Once that is created I should be able to open Central Admin and access the Apps section.  In this area I am going to verify my App Domain and App Prefix are set to my variables by selecting Configure App URLs.

After I have verified that I go configure my App Catalog for the web application by selecting Manage App Catalog.  Because it is new I have to create one for the web application.  The process is much like creating a new site collection.

After that there is one more step to take to allow my web application to access apps from the SharePoint store, I need to activate the Apps that require accessible internet facing endpoints feature.  To do so I browse to Application Managementà Manage Web Applications à select my web application and select Manage Features in the ribbon.  Then I activate the feature.

At this point I am able to add apps from the SharePoint store to a SharePoint page!!!  But when I go and test the app on the page it bombs with “page cannot be displayed” error messages in the web part!  What gives!?!  Well after some Fiddler traces I found 404 errors.

As it turns out the default website is picking up the app and trying to respond for it rather than redirecting to a SharePoint web application.  First I attempted to fix this by disabling the default web site in IIS on my WFE.  Not the fix so I re-enabled it (not because it is doing anything but because I like to keep things as close to out of the box as I can, especially for testing purposes).  So instead I change the binding on my web application to pick up anything on port 80 (which is what my site is using).  When I test again I get prompted for credentials so I put them in and continue to get prompted.

What is with the prompting for credentials?  I quickly test again and this time my Fiddler trace shows me 401 errors.  First I wonder if it is a loopback issue so I disabled loopback and after my first prompt it accepts my credentials and my app works!

To disable loopback if you aren’t familiar, open the registry and go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA and create a new DWORD (32-bit) Value with a name of DisableLoopbackCheck and set the value to 1.  Restart the server after the change to ensure it takes effect.  Reference articleKB 896861

But I know that prompting credentials on page load isn’t going to fly in the real world so how can I fix it?  Well, to be honest it so simple I almost didn’t try it… all I did was add the App Domain (*.CampBushnell.lcl) to my trusted sites and configured trusted sites to pass credentials.  (I would recommend that be part of a group policy rather than setup on individual computers)  I did take the Loopback out again and found that it still kept prompting for credentials so it definitely is part of the fix here.

As an aside in case you are using Kerberos with your web application… I spent several hours working through issues with this while using a Kerberos web application and found consistent prompting that neither of the above solutions resolved.  In fact, the only way I have found around it so far for a web application using Kerberos is to setup a separate web application that is NTLM and setup the IIS binding to it rather than the Kerberos based web application.  I still needed to trust the domain and forward credentials but after I did that the prompting issue stopped. 

404 & 401 Errors with the App Management Service的更多相关文章

  1. Web Deploy安装时显示Web Management Service无法启动

      在安装显示如题错误,看了日志: IISWMSVC_STARTUP_UNABLE_TO_READ_CERTIFICATE 无法读取带有指纹"3f60e39108a7e4c54f671b75 ...

  2. Android开发之通过Intent启动其他App的Service

    在Android5.0以前可以通过隐式Intent方式启动其他App的Service,就跟Activity启动隐式Intent一样的. 但是在5.0以后,只能使用显示的Intent方式启动了. 启动其 ...

  3. 关于 IIS 的 Management Service Delegation 配置 备份

    在MSDN没找到关于使用APPCMD备份IIS的"Management Service Delegation"模块配置命令. 到IIS的配置文件存放目录下,几番搜索,查到%wind ...

  4. CDH上Cloudera Management Service 各个角色迁移至其他节点

    1.首先查看Cloudera Management Service下有哪些服务,cdh版本为5.9.2: 可以看到基本上有以上6个角色: 2.停止所有角色,并执行删除: 3.找到集群中另外一个节点,添 ...

  5. Work Management Service application in SharePoint 2016

    最近开始弄SharePoint 2016的Workflow,遇到问题发现没有了Work Management Service application,然后用PowerShell命令创建也不行,bing ...

  6. 执行yum命令报错"Unable to connect to Registration Management Service"

    问题描述 linux上执行yum相关命令时,报无法连接到注册管理服务的错误,具体报错信息如下 [root@aijihe-core-zy-2-3 ~]# yum install gcc Loaded p ...

  7. Win10/UWP开发—使用Cortana语音与App后台Service交互

    上篇文章中我们介绍了使用Cortana调用前台App,不熟悉的移步到:Win10/UWP开发—使用Cortana语音指令与App的前台交互,这篇我们讲讲如何使用Cortana调用App的后台任务,相比 ...

  8. android 关于提高第三方app的service优先级

    本博客仅仅要没有注明"转".那么均为原创,转贴请注明本博客链接链接 基本上大家都知道提高service优先级能够在非常大程度上让你的service免于由于内存不足而被kill,当然 ...

  9. 通过AIDL在两个APP之间Service通信

    一.项目介绍 [知识准备] ①Android Interface definition language(aidl,android接口定义语言),其目的实现跨进程的调用.进程是程序在os中执行的载体, ...

随机推荐

  1. Fire!(BFS)

    Fire! Time Limit:1000MS     Memory Limit:0KB     64bit IO Format:%lld & %llu Submit Status Descr ...

  2. 简单Bat文件编写

    @ECHO OFFTITLE 清理Work目录E:cd E:\Android_WorkSpace@ECHO ONecho 开始打包MavenTest......mvn install pause @E ...

  3. JS中style属性

    解决办法:1.先定义一个CSS规则,然后this.className=''2.document.getElementByIdx_x("a").style.cssText=" ...

  4. 安卓序列化漏洞 —— CVE-2015-3525

    在2014年,Jann Horn发现一个安卓的提权漏洞,该漏洞允许恶意应用从普通应用权限提权到system用户执行命令,漏洞信息与POC见(1].漏洞的成因源于在安卓系统(<5.0)中,java ...

  5. STL中的map/multimap小结

    (1)使用map/multimap之前必须包含头文件<map>:#include<map> 并且和所有的关联式容器一样,map/multimap通常以平衡二叉树来完成 (2)n ...

  6. 搭建windows下filezilla FTP服务器

    FTP服务器必不可少,鉴于serv-u越来越冗余繁多的设置,个人还是比较喜欢简单.干净,满足需求即可的东东,所以选择filezilla.更主要的原因是ta是开元免费使用的,虽然免费,功能却齐全,我发现 ...

  7. 仿照微信的效果,实现了一个支持多选、选原图和视频的图片选择器,适配了iOS6-9系统,3行代码即可集成.

    提示:如果你发现了Bug,请尝试更新到最新版.目前最新版是1.6.4,此前的版本或多或少存在一些bug的~如果你已经是最新版了,请留一条评论,我看到了会尽快处理和修复哈~ 关于升级iOS10和Xcdo ...

  8. [Solution] 1分钟使用log4net

    log4net库是Apache log4j框架在Microsoft .NET平台的实现,是一个帮助程序员将日志信息输出到各种目标(控制台.文件.数据库等)的工具 官网:http://logging.a ...

  9. [CLR via C#]8. 方法

    一.实例构造器和类(引用类型) 类实例构造器是允许将类型的实例初始化为良好状态的一种特殊的方法. 类实例构造器方法在"方法定义元数据表"中始终叫.ctor(代表constructo ...

  10. 那晚征服的一道js经典的面试题

    今天朋友共享了一道js中经典的面试题,需求是这样的 给定你任意一个字符串,让你写出一个算法,求算出该字符串中出现次数最多的一个字符,并将其结果输出 刚拿到这道题的第一感觉便是定义一个count计时器, ...