AppFabric cache client rejection

Question

I have set up an AppFabric CacheServer on a webserver, in a different domain.

When I try to access it I get the exception: The server has rejected the client credentials. InnerException: The logon attempt failed.

I have tried

 Grant-CacheAllowedClientAccount Everyone

But it didnt help, I have tried

 Grant-CacheAllowedClientAccount MYDOMAIN\MyIISusr

But that only gives me an error: Windows account MYDOMAIN\MyIISusr is not valid. Probably because we are not in the same domain?

I have tried to set the apppool account to networkservice and use

Grant-CacheAllowedClientAccount Networkservice

But this didnt help either.

Is there some way I can skip the authorization and not authorize users? Everything is behind firewalls and not reachable from public so the authorization is not needed in this application.

Or does someone have any solution to my problem?

Answer 1

You can connect to AppFabric Cache without authentication by:

1. Set-CacheClusterSecurity -SecurityMode None -ProtectionLevel None

2. Configuring your client like this:

   <dataCacheClients>
     <dataCacheClient name="CacheName" maxConnectionsToServer="20">
       <hosts>
         <host name="hostName" cachePort="22233" />
       </hosts>
       <securityProperties mode="None" protectionLevel="None" />
     </dataCacheClient>
   </dataCacheClients>
   

But I wouldn't recommend that. You should be able to connect from one domain to another but configuring that should be a job for your administration team.

Answer 2

I recommend you to install the cumulative update package 2 for Microsoft AppFabric 1.1 (support.microsoft.com/kb/2716015). Then in Event Viewer -> Applications and Service logs -> Microsoft -> Application Server-System Services-Admin you can find the username for which you have the problem. If the username is {Anonymous} you should consider changing the app pool identity to networkservice.