Skip to content

SharePoint Publishing Cache Manager has Timed Out

After making a change in TokenTimeout value today, all publishing sites started throwing error with Correlation ID. ULS logs showing several error messages as shown below in red text.

System.ArgumentOutOfRangeException: The added or subtracted value results in an un-representable DateTime. Parameter name: value

at System.DateTime.AddTicks(Int64 value)

at Microsoft.SharePoint.Publishing.CacheManager.HasTimedOut()

OR

System.ArgumentOutOfRangeException: The added or subtracted value results in an un-representable DateTime. Parameter name: value

at System.DateTime.AddTicks(Int64 value)

at Microsoft.SharePoint.Publishing.CacheManager.HasTimedOut()

at Microsoft.SharePoint.Publishing.CacheManager.GetManager(SPSite site, Boolean useContextSite, Boolean allowContextSiteOptimization, Boolean refreshIfNoContext)

at Microsoft.SharePoint.Publishing.Internal.WebControls.PublishingRibbon.OnLoad(EventArgs e)

OR

Getting Error Message for Exception System.Web.HttpUnhandledException (0x80004005): Exception of type ‘System.Web.HttpUnhandledException’ was thrown. —> System.ArgumentOutOfRangeException: The added or subtracted value results in an un-representable DateTime. Parameter name: value

Resolution#1

Check if time zone for each web application in General Settings is same as your server time zone. Update time zone if nothing selected, run IISRESET and check if the issue is resolved.

Resolution #2

Check value of WindowsTokenLifetime , LogonTokenCacheExpirationWindow and TokenTimeout using the PS script below.

Trouble maker in this case was TokenTimeOut value set to a very small value.

Add-PSSnapin microsoft.sharepoint.powershell
$mysts = Get-SPSecurityTokenServiceConfig
$mysts.WindowsTokenLifetime
$mysts.LogonTokenCacheExpirationWindow
$TT = [Microsoft.SharePoint.Administration.SPWebService]::ContentService
$TT.TokenTimeout

If values are any different than default values, use the script below. Script will set these 3 values to its default.

$mysts = Get-SPSecurityTokenServiceConfig
$mysts.WindowsTokenLifetime =(New-TimeSpan -Hours 10)
$mysts.LogonTokenCacheExpirationWindow = (New-TimeSpan -Minutes 10)
$mysts.Update()
$TT = [Microsoft.SharePoint.Administration.SPWebService]::ContentService
$TT.TokenTimeout=(New-TimeSpan -Days 1)
$TT.Update()

Run IISReset and check if issue resolved.

Advertisements

An exception occurred when trying to issue security token.

While working on SharePoint 2016 farm all of sudden all sites started showing

500 Internal server error
Central administration is up and browse able

Found these events in event viewer.

Event ID 8306
An exception occurred when trying to issue security token: There was no endpoint listening at http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc/actas that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details..

Event ID 6398
The Execute method of job definition Microsoft.Office.Server.UserProfiles.FeedCacheRepopulationJob (ID 1c18cf8a-b009-48e2-9416-df30adec5c82) threw an exception. More information is included below.

There was no endpoint listening at http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc/actas that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. (Correlation=82f1189e-55aa-8091-537f-c3f819a775ec)

Confirmation: 

Ok. Both the events are complaining about Security Token Service Application and provide a correlation ID in Event ID 6398. That was helpful.

If click on the link http://localhost:32843/Security……………… mentioned in the event viewer, it shows page cannot be displayed, that was good enough to confirm Security Token Service Application is not responding.

Did an IISReset, check if all services are up, SQL is good, reboot machine but no luck.

Solution:

Script below solve the problem.
$hostSvc = Get-SPServiceHostconfig
$hostSvc.Provision()
$SecToken=Get-SPServiceApplication | where { $_.TypeName -Like “Security Token*”}
$SecToken.provision()
You can restart IIS ( IISReset.exe) or use the below PS to restart single IIS Site.
Stop-Website “SharePoint Web Services”
Start-Website “SharePoint Web Services”

Check out Technet Article for further trouble shooting is issue is not resolved.
https://support.microsoft.com/en-in/help/2493524/sharepoint-2010-receiving-error-security-token-service-is-not-availabl

Update a web application URL and IIS bindings for SharePoint

 Update a web application URL and IIS bindings for SharePoint 

A quick Google search gave me this but below is just another way to make it easier using power shell with less clicking. This applies to SharePoint 2010, 2013 and 2016.  

https://technet.microsoft.com/en-us/library/cc262366.aspx  

Scenario:

Let’s say you created a web application http://danger for your users and they are working on it and site is live, all good. One fine morning site owner decided this name is not good and want to change the URL to something else like http://ranger

You can change URL from Central Administration and in case you don’t want to click too much you can use the 4 liner PowerShell at the end of this write.

Using Central Administration:  

Extend the web application to a zone that is not used yet. Let’s say “Custom” zone. 

You can enter any host header value for example “tempsite” as this will be temporary extension of web app with any port number, we will get rid of this zone once done.  

Once web application is extended, you can confirm that by going to Alternate Access Mapping page, you will see a new mapping http://tempsite in zone you used while extending.

Go back to Manage Web Application page high light web application http://danger by clicking on it and click on tiny drop down on the Delete button in the ribbon. Select “Remove SharePoint from IIS Web Site”, Select zone from the drop down with unwanted URL in this case its “danger”, check box for delete IIS web site and click ok.  

So far, we have removed the unwanted URL and move everything over to a new URL called tempsite. Go back and extend the web application again and this time enter the correct URL http://ranger , port 80 and make sure you select Default zone from the drop down. Hit ok. Once done check your site with new URL, in this case http://ranger .  

You can remove the custom Zone URL as mentioned earlier using “Remove SharePoint from IIS Site” option.

Using Power Shell

Add-PSSnapin Microsoft.sharepoint.powershell 
$Auth=New-SPAuthenticationProvider
Get-SPWebApplication -Identity http://danger | New-SPWebApplicationExtension -Name TempSite -Zone Custom -Port 80 -HostHeader TempSite -Url http://tempsite -AuthenticationMethod NTLM -AuthenticationProvider $Auth 

Get-SPWebApplication -Identity http://danger | Remove-SPWebApplication -Zone Default -DeleteIISSite -Confirm:$false  

Get-SPWebApplication -Identity http://danger | New-SPWebApplicationExtension -Name Ranger -Zone Default -Port 80 -HostHeader sandy -Url http://ranger -AuthenticationMethod NTLM -AuthenticationProvider $Auth -Confirm:$false 

Get-SPWebApplication -Identity http://ranger
| Remove-SPWebApplication -Zone Custom -DeleteIISSite -Confirm:$false

Change the parameters as per your requirements. If you want you can add “sleep –seconds 5” after each command for IIS web site to be crated on each server, but it all depends how big environment is. 

Update Web Application Name 

Above command will update the URL but notice web application name is still the same “SharePoint –Danger”. To change Web Application name, use the following script.

$WApp= Get-SPWebApplication -Identity http://ranger  
$WApp.Name=”SharePoint – Ranger” 
$WApp.Update() 

Get-SPWebApplication 

 HTH