Submit a ticketCall us

WebinarVisual Monitoring Tactics: Getting More Log Search Value from SolarWinds Log & Event Manager with nDepth Webcast

Do things seem to make more sense when they are visualized? Are you an IT professional or security expert with a wish for more cybersecurity tools that provide an intuitive visual experience? Join Alexis Horn and Jamie Hynds from SolarWinds as they demonstrate how the nDepth feature in LEM can help make visualizing log search results a reality.

Register now.

Home > Success Center > Orion Platform > Orion - Knowledgebase Articles > Orion server is down due to .NET Framework 4.7

Orion server is down due to .NET Framework 4.7

Updated February 28, 2018

Overview

The Orion server is down and the following error message is displayed when browsing the NPM Web Console:

No endpoint listening at net.tcp://servername:17777/orion/corebusinesslayer

 

The following warning messages are also found in the BusinessLayerHost.log and InformationServicesv2.log files:

WARN  SolarWinds.Orion.Core.Common.InformationServiceConnectionProvider - Connection via certificate could not be created.
System.ServiceModel.CommunicationException: The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by the remote host, or an underlying network resource issue. Local socket timeout was '00:01:00'. ---> System.IO.IOException: The read operation failed, see inner exception. ---> System.ServiceModel.CommunicationException: The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by the remote host, or an underlying network resource issue. Local socket timeout was '00:01:00'. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
   at System.Net.Sockets.Socket.Receive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags)
   at System.ServiceModel.Channels.SocketConnection.ReadCore(Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout, Boolean closing)

 

.NET 4.7 Redistributable:

 

.NET Framework 4.7 for Windows Server 2008 R2:  KB3186497
.NET Framework 4.7 for Windows Server 2012:     KB3186505
.NET Framework 4.7 for Windows Server 2012 R2:  KB3186539
.NET Framework 4.7 for Windows Server 2016:     KB3186568

 

Note: Also remove the 4.7.1 patch: 

https://support.microsoft.com/fil-ph...windows-rt-8-1

 

 

Reference:

https://blogs.msdn.microsoft.com/dotnet/2017/06/13/microsoft-net-framework-4-7-is-available-on-windows-update-wsus-and-mu-catalog/

Environment

  • All NPM versions
  • All Windows Server versions

Cause 

This issue is caused by a previous Windows update on 06/14/2017 which includes the release of .NET Framework 4.7.

Resolution 1

Note: Before performing the following steps, collect and submit diagnostics to the Development team for further investigation and to determine if this is an environmental issue.

  1. Go to Program and Features and uninstall .NET Framework 4.7.

  2. Reboot the server.

  3. Download .NET Framework 4.5.2 from the Microsoft website (© 2017 Microsoft, available at https://www.microsoft.com/, obtained on June 28, 2017.).

  4. Install the.NET Framework 4.5.2 offline installer file.

  5. Recreate the Orion website to remove the website cache and the web.config files.

  6. Download and run the MD5 Fix It tool to disable TLS 1.2.

  7. Restart Orion services.

Resolution 2

The next steps details making changes to your system's registry. Before proceeding, make a backup of your current registry.

  1. Create a backup of the registry.
  2. Modify your registry by running the following commands as an administrator in a command prompt on the Orion server:
    REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\TLS 1.0\Server" /v Enabled /t REG_DWORD /d 1 /f
    REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\TLS 1.0\Client" /v Enabled /t REG_DWORD /d 1 /f
    REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\TLS 1.1\Server" /v Enabled /t REG_DWORD /d 1 /f
    REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\TLS 1.1\Client" /v Enabled /t REG_DWORD /d 1 /f
    REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\TLS 1.2\Server" /v Enabled /t REG_DWORD /d 0 /f
    REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SChannel\Protocols\TLS 1.2\Client" /v Enabled /t REG_DWORD /d 0 /f
  3. If using Windows Server 2008, a reboot is required. 

 

Disclaimer: Please note, any content posted herein is provided as a suggestion or recommendation to you for your internal use. This is not part of the SolarWinds software or documentation that you purchased from SolarWinds, and the information set forth herein may come from third parties. Your organization should internally review and assess to what extent, if any, such custom scripts or recommendations will be incorporated into your environment.  You elect to use third party content at your own risk, and you will be solely responsible for the incorporation of the same, if any.

 

Last modified

Tags

Classifications

Public