Extension of a virtual server with Windows SharePoint Services does not complete successfully when you use Active Directory account creation mode (828812)

SYMPTOMS

When you extend a virtual server with Microsoft Windows SharePoint Services, you may find that the operation does not complete successfully. The Web site is extended with Windows SharePoint Services. However, the Web site is not functional. For example, you cannot use the Web site even though the following components are configured:

The Internet Server API (ISAPI) filter is installed.
The Web.config file and the _vti_pvt, _layouts, _vti_bin, and _wpresources folders are added to the Web site in Microsoft Internet Information Services (IIS) 6.0.

You do not receive an error message and no event error messages are logged to the event logs in Event Viewer.

RESOLUTION

To resolve this issue, delegate the user account that you use as the administration application pool identity permissions to the organizational unit. To do so, follow these steps:

Retrieve the name of Active Directory directory services domain that you specified during Setup. To do so, follow these steps:
1. Click Start, and then click Run.
2. In the Open box, type cmd, and then click OK.
3. At the command prompt, type the following line, and then press ENTER :
  cd /d %commonprogramfiles%\Microsoft Shared\Web Server Extensions\60\Bin
4. Type the following line, and then press ENTER:
  stsadm -o getproperty -pn adaccountdomain
  You receive the following response in the Command Prompt window, where DomainName is the name of the domain:
  <Property Exist="Yes" Value="DomainName" />
Retrieve the name of the organizational unit that you specified. To do so, at the command prompt, type the following line, and then press ENTER:
stsadm -o getproperty -pn adaccountou
You receive the following response in the Command Prompt window, where OUName is the name of the organizational unit:
<Property Exist="Yes" Value="OUName" />
Delegate permissions to the organizational unit. To do so, follow these steps:
1. On the server that is running Active Directory, start Active Directory Users and Computers.
2. Right-click the appropriate organizational unit, and then click Delegate control.
  
  The Delegation of Control Wizard starts.
3. Click Next.
4. On the Users and Groups page, click Add.
5. In the Select Users, Computers, and Groups dialog box, type the name of the user account that you use as the administration application pool identity, and then click OK.
6. Click Next.
7. On the Tasks to Delegate page, click Delegate the following common tasks, click to select the Create, delete, and manage user accounts check box, and then click Next.
8. Click Finish.

MORE INFORMATION

When you use Active Directory account creation mode, you can automatically create new accounts for users in Active Directory instead of using pre-existing domain accounts. For example, an Internet Service Provider (ISP) may want to permit Windows SharePoint Services site owners the ability to create user accounts or invite users to collaborate on a Web site where existing domain accounts for those users do not already exist.

For more information about how to install, configure, and administer Windows SharePoint Services, see the Microsoft Windows SharePoint Services Administrator's Guide. To view the Microsoft Windows SharePoint Services Administrator's Guide, visit the following Microsoft Web site:

http://www.microsoft.com/SharePoint/Assistance

For more information about Windows SharePoint Services, visit the following Microsoft Web site:

http://www.microsoft.com/sharepoint/teamservices/default.asp

back to the top

Extension of a virtual server with Windows SharePoint Services does not complete successfully when you use Active Directory account creation mode (828812)

SYMPTOMS

CAUSE

RESOLUTION

MORE INFORMATION