Wednesday, May 22, 2013

Error Sandboxed service is too busy to handle the request

We have a custom 2010 branding solution in visual studio.  It deploys the Sharepoint branding to each site collection.  Trying to deploy the solution today from the site collection gallery and then from visual studio directly but was getting the dreaded service is busy error.  I have seen this before but was forced to use all three of the presrcibed solutions.  I normally only have had to do either one or two.

A. Change registry settings

A known cause is the presence of the following key in the registry of the servers that are running the sandboxed host service. (An additional symptom of this cause is that the service stops a few seconds after starting.)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\RPC
It does not matter what the value of the key is, or even if the key has any value. If the key is present, the user account in which the sandboxed host process runs must be able to read it because the process tries to when it starts up. By default, the user account does not have permission to read it (because, by default, the key is not present). You must give the Users group of the computer permission to read the key.
Note: It is not sufficient to give such permission to the Authenticated Users group, because the sandboxed process removes the Authenticated User token from the the user account in which the sandboxed host process runs. This also makes that account a restricted account which means it is not sufficient to give permission to read the key to that account alone. Since the account is not considered authenticated, doing this would have no effect. However, the account does inherit the permissions of the computer’s User group.
Take the following steps on every server which has the key and which is running the sandboxed host service.
  1. Open the registry editor and navigate to the key.
  2. Right-click the key and select Permissions.
  3. On the dialog that opens, click Add.
  4. In the dialog that opens, enter the following in the Enter the object names to select box: computername\Users.
  5. Click Check Names.
  6. After the name has resolved, click OK.
  7. Restart the sandboxed host service on all servers on which it is to run. It cannot hurt to do an iisreset as well.


B. Change host file to point clr.microsoft.com to local machine


You can redirect these attempts by adding the following line to the end of the hosts file located at C:\Windows\System32\drivers\etc:
127.0.0.1 crl.microsoft.com
This must be done on all servers running the sandboxed host service. Then restart the SharePoint 2010 User Code Host service on all these servers. It cannot hurt to do an iisreset as well.


C. Change system configuration files of Sandbox service to skip certificate verification in Code Access Security policies.

  1. Open SharePoint 2010 Central Administration
  2. Navigate to “Configure service accounts” in Security section
  3. Select ‘Windows Service – Microsoft SharePoint Foundation Sandboxed Code Service’ in the dropdown control.
  4. Then you will see which account is used for Sandbox Service.
    (Get-SPManagedAccount –Identity "DOMAINUserCodeServiceAccont").Sid.Value
Now, it is time to check and update registry settings for WinTrust.
  1. Open the registry editor and navigate to:
    HKEY_USERS{SID you obtained earlier}SOFTWARE/Microsoft/Windows/CurrentVersion/WinTrust/Trust Providers/Software Publishing
  2. Change value of “State” key to 0x00023e00.
  3. Restart Sandbox Service
  4. Perform IIS reset 




Thanks to the pdf sharepoint team  

http://www.pdfshareforms.com/error-sandboxed-too-busy-handle-request/

 and

Rick Kirkham from the Sharepoint dev team
http://blogs.msdn.com/b/sharepointdev/archive/2011/02/08/error-the-sandboxed-code-execution-request-was-refused-because-the-sandboxed-code-host-service-was-too-busy-to-handle-the-request.aspx
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)