AppFabric Caching Service crash (Solved)

AppFabric is a set of technologies that helps developers and administrators to build and scale web applications that run on IIS. It comes with hosting and caching features. In this post, I will focus on AppFabric Caching Service crash and possible fixes.

AppFabric Caching Service crash and fix
AppFabric Caching architecture (Source)

If you notice that the caching is not working as expected, check the Event Viewer logs located in the containers below:

  • Windows Logs > Application
  • Windows Logs > System​
  • Applications and Services Logs > Microsoft > Application Server-System Services​

In the Event Viewer logs, it is likely that you will see one or more of these error messages:

Event ID 111:
AppFabricCachingService.Crash Microsoft.ApplicationServer.Caching.DataCacheException: ErrorCode:SubStatus:Service initialization failed. No user action required.

Event ID 6:
30ecac98000000000000000000000000
Microsoft.Fabric.Common.OperationCompletedException: Operation completed with an exception —> System.TimeoutException: The operation has timed out.

Event ID 1026:
Application: DistributedCacheService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: Microsoft.ApplicationServer.Caching.DataCacheException

Event ID 1000:
Faulting application name: DistributedCacheService.exe, version: 1.0.4632.0
Faulting module name: KERNELBASE.dll, version: 10.0.14393.2636
Exception code: 0xe0434352
Faulting application path: C:\Program Files\AppFabric 1.1 for Windows Server\DistributedCacheService.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll

Event ID 36871:
A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

For the solution of Schannel 10013 error, please check this post out.

Find the root cause of AppFabric Caching Service crash and solve it

Here are the possible causes and solutions of AppFabric Cashing Service crashes. You can implement each solution individually. They don’t depend on each other.

Service account

Check the account used for running AppFabric Caching service. If it is the server farm account, change it to a managed account (Instructions).

Best practice for the service account:

A single account should be used for all Service Applications, named Service Application Pool account. This allows the administrator to use a single IIS Application Pool for all Service Applications. In addition, this account should run the following Windows Services: SharePoint Search Host Controller, SharePoint Server Search, and Distributed Cache (AppFabric Caching Service). The SharePoint Service Application Pool account must be a domain user account. This account must not be a member of the Administrators group on any computer in the server farm.

Source

Account permissions

Provide Data Reader / Data Writer permissions to NT Authority\System on the SQL AppFabric Database.

Additionally, in PowerShell, execute Grant-CacheAllowedClientAccount command for NT Authority\System account on the cluster (Source).

Cluster nodes

Check if all nodes are online. If one node is not reachable, AppFabric Caching Service may crash

Other possible fixes

  • Disable the antivirus temporarily and try again
  • Make sure the operating system is up-to-date
  • Make sure the limit for number of servers allowed in the farm is not exceeded
  • Disable Windows Firewall temporarily and try again. If there is a non-Windows firewall, please open the following protocols and ports: SMB, SMB2 and ICMP protocols TCP ports (22233, 22234, 22235 and 22236) Or 445 and the ICMP protocol TCP ports (22233, 22234, 22235 and 22236)

Cannot perform CAS Asserts in Security Transparent methods (Solved)

You may come across this error message while trying to use a third-party library in your .NET application: “Cannot perform CAS Asserts”. As the message implies, this issue is about the security mechanism that protects your system from unreliable components.

Here is the entire error message:

System.InvalidOperationException: Cannot perform CAS Asserts in Security Transparent methods

What is CAS (Code Access Security)?

CAS is a security mechanism provided by .NET Framework to protect your system against malicious code blocks and components.

The .NET Framework provides a mechanism for the enforcement of varying levels of trust on different code running in the same application called Code Access Security (CAS).

Microsott Docs

Why we need CAS?

Users obtain code from many sources, some of which might be unreliable; code can contain bugs or vulnerabilities that enable it to be exploited by malicious code; and code sometimes does things that the user does not know it will do. As a result, computer systems can be damaged and private data can be leaked when cautious and trustworthy users run malicious or error-filled software.

Microsott Docs
How to solve "Cannot perform CAS Asserts" error
Slide source

Root Cause

The reason you receive “Cannot perform CAS Asserts” error is that your application is trying to use an external library that is not trusted by CAS. It happens especially when you upgrade .NET Framework version in your development machine. In this case, you should update your code as per the new CAS requirements come with the new .NET Framework version.

For more information about major CAS changes in .NET Framework 4.0: Link 1, link 2

Receiving Schannel 10013 error? Check this post out.

How to solve “Cannot perform CAS Asserts” error

Solution 1: Full-trust

Making your application a “full-trust” application solves this issue unless the application is marked as security-transparent. However, many hosting companies don’t allow applications run on “full-trust”.

Solution 2: GAC

Another way to solve this issue is that adding the external DLLs into GAC (Global Assembly Cache) by using Gacutil.exe. Check this article out for instructions to install an assembly into GAC. Gacutil.exe comes with Windows SDK and Visual Studio.

Solution 3: Code changes

Changing your application’s code and making it compatible with the new CAS implementations is the best solution in the long-term. Here is an article to guide you through the changes you should make in your code.

Website is not accessible via hostname (Solved)

We use hostnames such as port135.com or microsoft.com to access websites. If not specifically blocked, they can be accessed via IP addresses as well. However, there might be a time that your website is not accessible via hostname. It serves only through the IP address. In this post, we will figure out how to fix this issue.

Background

If you configure IIS binding as “IP address: All Unassigned – Port: 8080”, it should be listening the port 0.0.0.0:8080. If it listens 127.0.0.1:8080 which is the localhost, then your website will not be accessible via hostname.

Curios about how HTTP redirection works in IIS? Check this post out.

Solution for the issue (Website is not accessible via hostname)

Follow the steps below to solve this issue.

  1. Check the “listening” ports
    Run netstat -a in Command Prompt. Also run netsh http show iplisten. In the output of both commands, you shouldn’t see 127.0.0.1:8080 as a LISTENING address. The screenshot below shows the ideal situation.
  2. Remove 127.0.0.1
    If you see the IP address 127.0.0.1 in the output, you will need to remove it to solve this issue. Simply run this command: netsh http delete iplisten ipaddress=127.0.0.1
Website is not accessible via hostname
Ideal output

You may need to add the IP address 0.0.0.0 manually if it doesn’t already exist as a LISTENING port (Source).