Skip to main content
Kofax

Failed to Add bootstrap admin user into AAService

Article # 3042158 - Page views: 221

Problem: 

On a fresh installation of ControlSuite with Security Framework, while running the Configuration Assistant it errors during the configuration on the Add bootstrap admin user into AAService 

clipboard_e06cea7366a7ef6c047986d5c9992bd63.png

Cause:

'Add bootstrap admin user' is a set of initial requests to SFS and it means SFS is not available by one of the possible reasons listed below.

1 - Security Framework Service is not running

2 - Proxy Server is being used

3 - Antivirus is blocking the configuration of Security Framework

4 - Security Framework Profile is corrupted 

5 - IIS is misconfigured or corrupted 

Solution: 

1 - To check if Security Framework Service is running, open IIS Manager > Application Pools and make sure SecurityFrameworkService is Started

2 - To check if Proxy Server is being used, open Control Panel > Internet Options > Connections > LAN settings > Proxy server. If it is configured then 

  • Enable "Bypass proxy server for local addresses"
  • Click Advanced > Exceptions and enter the FQDN of the server 

3 - For Antivirus please refer to KB article McAfee Antivirus causes failure to set up Security Framework at the Add bootstrap admin user into AAservice 

4 - If profile is corrupted, delete and recreate the profile

  • Stop SecurityFrameworkService in IIS Manager > Application Pools
  • Open Control Panel, and then select System
  • Click the Advanced tab, and in the User Profiles area, click Settings
  • In the Profiles stored on this computer list, select IIS APPPOOL\SecurityFrameworkService user profile, and then click Delete
  • Start SecurityFrameworkService in IIS Manager > Application Pools

5 - Make sure that WebDAV Publishing is not installed under (Server Roles > Web Server (IIS) > Web Server > Common HTTP Features), also confirm that you are getting NDI Site response to the following url "https://localhost:8181"

 

 

If the issue is not resolved please include the following when opening a support case with Kofax:

1 - Security Framework Service logs in debug mode

  • Stop SecurityFrameworkService in IIS Manager > Application Pools
  • Open notepad as an administrator and open logging.config file located under C:\ProgramData\Kofax\ControlSuite\SecurityFrameworkService\Settings
  • Change {"ImmediateFlush":false,"LogLevel":3} to {"ImmediateFlush":true,"LogLevel":0} and save it 
  • Start SecurityFrameworkService in IIS Manager > Application Pools
  • Replicate the issue then collect the SecurityFrameworkService.log under C:\ProgramData\Kofax\ControlSuite\Logs\Shared Services

2 - A screenshot of the response to the following url "https://localhost:8181"

3 - A screenshot of the response to the following url "https://localhost:8181/SecurityFrameworkService/v1/services/services?servicename=v1-auth"

4 - A screenshot of the response to the following url "https://localhost:8181/SecurityFrameworkService/v1/services/services?servicename=v1-service"

5 - IIS logs located under %SystemDrive%\inetpub\logs\LogFiles

6 - HTTP Error logs located under %SystemDrive%\Windows\System32\LogFiles\HTTPERR

 


 

 

 

Applies to:  

Product Version
ControlSuite 1.2

 

Article # 3042158