Sharepoint - BlobCache issues on SharePoint Server 2019 / Windows Server 2019

Ok I have finally found the root cause for this issue.

I believe this is a bug relating to either Windows Server 2019, SharePoint Server 2019, or a combination of the both.

Basically, the application pool accounts do not have sufficient permissions to create BlobCache folders in a vanilla install of SP2019 (specifically on Server 2019).

There are 2 key permission changes needed, all of which should be applied to the local "WSS_WPG" group.

1) Initially there will be an error relating to a "COM Class factory" showing in Event Viewer (Event ID: 5538):

"An error occured in the blob cache. The exception message was 'Retrieving the COM class factory for remote component with CLSID {2B72133B-3F5B-4602-8952-803546CE3344} from machine failed due to the following error: 80070005 .'."

This comes about because the WSS Worker Process Group (WPG) doesn't have access to the Application Host Admin API for IIS 7.0 ("ahadmin").

This can be resolved by granting the WSS_WPG group Launch and Execution permissions to the "ahadmin" DCOM component (in Component Services).

You however can't do this without first taking "ownership" of the "ahadmin" registry key first: HKEY_CLASSES_ROOT\SOFTWARE\Classes\AppID{9fa5c497-f46d-447f-8011-05d03d7d7ddc}

2) After resolving the COM permissions above, and performing an IISRESET, you will next observe another error in Event Viewer (again with Event ID: 5538)

"An error occured in the blob cache. The exception message was 'Filename: redirection.config Error: Cannot read configuration file due to insufficient permissions"

Resolving this is simply by granting the WSS_WPG group "read" access to the IIS config folder (C:\Windows\System32\inetsrv\config).

Do another IISRESET and you should find that the BlobCache is now working correctly.

(It should be worth noting that this was all observed on a single machine .. but in a typical farm I would expect this activity required on all WFE servers).

I can only assume at this point that this is a platform issue.

Perhaps Server 2019 changed the default execution permissions? Perhaps the SharePoint 2019 installer doesn't correctly change these permissions?

Either way .. I have now replicated this error on two separate new Server 2019 / SharePoint 2019 machines.


Good news! The July 2019 CU for SharePoint 2019 finally fixes this misbehaviour. Blob cache now works for SharePoint Server 2019 as it is supposed to.

Check the details: https://support.microsoft.com/en-us/help/4475529/security-update-for-sharepoint-server-2019-july-9-2019

Tags:

Caching

Publishing

Related

Sharepoint - NodeJS not compatible Sharepoint - Permission Level which doesn't allow renaming file in document library Sharepoint - Filter Created in SP REST API Sharepoint - Is there a tool that helps with Modern UI column formatting? Sharepoint - Can i add a JS Link to a list view in modern interface Sharepoint - Migrating our on-premises sub-sites to be modern site collections. how we will be managing the content types and site columns Sharepoint - Hide element using css for a modern page Sharepoint - Is there a way to create classic pages on modern sites with Sharepoint Online? Sharepoint - Assigning "Contribute" permission instead of "Edit" to the SharePoint Modern Team site's Site members Sharepoint - Using Flow with SharePoint 2013 on prem Sharepoint - Download and upload file from share point using Java (Rest API call) Sharepoint - SharePoint Designer giving error while publishing SharePoint Workflow

Recent Posts