Accessing App fabric Cache from Multiple Clients

StackOverflow https://stackoverflow.com/questions/13762577

Question

I am trying to setup a website on multiple hosts and these applications make use of App Fabric Caching framework.

I have setup the App Fabric using SQL Server (not XML) on Machine1 and I used "NT Authority\Network Service" user to configure App Fabric. I have setup the website on same machine with "Network Service" set as Application Pool Identity. I have given the permission to the cache store to "Network Service" user using "grant-CacheAllowedClientAccount" command. The website functions normally and is able to Add/Edit/Delete data into the cache. Everything runs smooth.

However, when I try to host the same application on another machine (Machine2) with exact same IIS and App Pool settings, the application fails with the following error:

There is a temporary failure. Please retry later. (One or more specified cache servers are unavailable, which could be caused by busy network or servers. For on-premises cache clusters, also verify the following conditions. Ensure that security permission has been granted for this client account, and check that the AppFabric Caching Service is allowed through the firewall on all cache hosts. Also the MaxBufferSize on the server must be greater than or equal to the serialized object size sent from the client.)

If I do a grant permission to everyone, it works fine but that's not a great solution.

Both the machines are residing in a domain.

Can you please provide me with some input on this?

Was it helpful?

Solution

looking like you are just missing to run the below command on machine1

Grant-CacheAllowedClientAccount -Account "DOMAIN1\Machine2$"

After doing this, all services running on machine2 in NETWORK SERVICE account will be able to access the Appfabric cache hosted on Machine1

Explained in detail here - http://msdn.microsoft.com/en-us/library/ff921012(v=azure.10).aspx

Note that if the client application is running as a built-in machine account, such as "NT Authority\Network Service", you can grant the machine access to the cache cluster. To do this, use the machine account, which is the domain name and machine name with an appended dollar sign. The following example grants cache cluster access to a machine named Server1 in a domain named DOMAIN1.

Grant-CacheAllowedClientAccount -Account "NT Authority\Network Service"

OTHER TIPS

Another solution is to set the security & protection level to none in both in client configuration and AppFabric Caching Service Configuration.

In web.config/app.config file

<dataCacheClient>
<securityProperties mode="None" protectionLevel="None"/>
<hosts>
  <host   name="XXXX" cachePort="22233"/>
</hosts>

In AppFabric Caching Service Configuration file

 <advancedProperties>
        <securityProperties mode="None" protectionLevel="None" />
 </advancedProperties>
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top