Friday, September 7, 2012

Powershell error : Execution of script is disabled on system

1 comment
Got below error while executing powershell script on Windows 7 x64 machine

It can be easily identified from error that i have to enable script execution.

To enable it, execute following command in powershell :

PS > Set-ExecutionPolicy -ExecutionPolicy UnRestried

After hitting Enter it will asked for confirmation. Press 'Y' and enter .

Now powershell script execution on system is enabled.

Sunday, September 2, 2012

SharePoint 2013 Managed Account Error - Requested registry access is not allowed

1 comment

This is first time I came across error saying "Requested registry access is not allowed".  Error was thrown while creating managed account for User profile application.  As every SharePoint error is tied up with correlation id, was the closed to get clue about potential problem. Check below snapshot of error thrown.

Found one entry from all other  related to the issue by matching correlation id, which was signaling issue due to authentication.

Application error when access /_admin/registeraccount.aspx, Error=Requested registry access is not allowed.   at Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable)     at Microsoft.SharePoint.Administration.SPCredentialManager.GetMasterKey(SPFarm farm)     at Microsoft.SharePoint.Administration.SPCredentialManager.GetFarmEncryptionKey(SPFarm farm)     at Microsoft.SharePoint.Administration.SPCredentialManager.EncryptWithMasterKey(SecureString sstrPassphrase)     at Microsoft.SharePoint.Administration.SPEncryptedString.SetSecureStringValue(SecureString sstrValue)     at Microsoft.SharePoint.Administration.SPManagedAccount.Update()     at Microsoft.SharePoint.WebControls.RegisterAccountControl.BtnSubmit_Click(Object sender, EventArgs args)     at System.Web.UI.WebControls....        208dc99b-07aa-10f5-0000-0a031a12d122

After searching on the same on web, I was able to find that there is some registry entry which do not have access  rights.  Which means that while creating managed account it uses information from this registry, but as user under which managed account was created do not have access to this registy.

One can open registry using regedit command. In Registery editor go to 

HKEY_LOCAL_MACHINE\Software\Microsoft\Shared Tools\15\Secure\FarmAdmin

Check central  administration app pool Identity  have permission on FarmAdmin. Permission can be check on right clicking FarmAdmin --> Permissions.

After adding admin app  pool identity and giving full rights , I was able to create managed account.

Note : Wrong changes in registry might affect your system, so make yourself 100% sure before doing any changes.