1

We have multiple servers on which we are hosting an ASP.NET website on IIS. In the website we are trying to fetch values from Azure KeyVault.

In one server for some reason it fails to read the values from Azure KeyVault with an error 'The specified user does not have a valid profile'. We have done investigation, double-checked configuration, permission rights on files - everything looks okay. Also tried to adjust profile in IIS, nothing helped.

Here is the stack trace:

Exception information: 
    Exception type: ConfigurationErrorsException 
    Exception message: An error occurred loading a configuration file: The specified user does not have a valid profile.  Unable to load 'Microsoft.Configuration.ConfigurationBuilders.Azure, Version=2.0.0.0, Culture=neutral'. (D:\<website_path> line 77)
   at System.Configuration.BaseConfigurationRecord.EvaluateOne(String[] keys, SectionInput input, Boolean isTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentResult)
   at System.Configuration.BaseConfigurationRecord.Evaluate(FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentResult, Boolean getLkg, Boolean getRuntimeObject, Object& result, Object& resultRuntimeObject)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
   at System.Configuration.BaseConfigurationRecord.GetSection(String configKey, Boolean getLkg, Boolean checkPermission)
   at System.Web.Util.AppSettings.GetAppSettingsSection()
   at System.Web.Util.AppSettings.EnsureSettingsLoaded()
   at System.Web.Util.AppSettings.get_PortableCompilationOutput()
   at System.Web.Compilation.BuildManager.RestorePortableCompilationOutputSnapshot()
   at System.Web.Compilation.BuildManager.ExecutePreAppStart()
   at System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters, PolicyLevel policyLevel, Exception appDomainCreationException)
The specified user does not have a valid profile.  Unable to load 'Microsoft.Configuration.ConfigurationBuilders.Azure, Version=2.0.0.0, Culture=neutral'.
   at System.Configuration.TypeUtil.GetTypeImpl(String typeString, Boolean throwOnError)
   at System.Configuration.ConfigurationBuildersSection.InstantiateBuilder(ProviderSettings ps)
   at System.Configuration.ConfigurationBuildersSection.GetBuilderFromName(String builderName)
   at System.Configuration.BaseConfigurationRecord.GetSectionXmlReader(String[] keys, SectionInput input)

Has anyone experienced a similar issue?

Any help will be appreciated.

DavisZ
  • 141
  • 9
  • Can the value be successfully obtained on other servers or is there only one server? – Theobald Du Apr 30 '21 at 03:51
  • @TheobaldDu yes, we have multiple servers and everything works on other servers. – DavisZ Apr 30 '21 at 06:47
  • Can you got the user which is referred not to have a valid profile? Is this user have permission to access the key vault instance? And when did the error take place? The time when failing to access key vault or loading the 'Microsoft.Configuration.ConfigurationBuilders.Azure' with a null or error secret? – Tiny Wang May 04 '21 at 07:56
  • I mean you may check if there's some mistakes which lead to the wrong identity of the user. See [this](https://learn.microsoft.com/en-us/java/api/overview/azure/identity-readme?view=azure-java-stable#defaultazurecredential) and it may help if you use default credential. – Tiny Wang May 04 '21 at 08:04

2 Answers2

0

I have answered a similar question here: Function app in Azure could not load file or assembly 'Microsoft.Extensions.Logging.Abstractions'

Do check out - it can be because of same reasons. There may be a nuget package which requires different version of Microsoft.Configuration.ConfigurationBuilders.Azure: 2.0.0. But, you have a version installed which is incompatible.

Harshita Singh
  • 4,590
  • 1
  • 10
  • 13
  • Thanks for the idea. We checked our dependency graph and everything seems to be compatible, unfortunately this does not look like the issue here. – DavisZ May 05 '21 at 08:36
0

After doing some debugging we have found the issue. It turned out that under Environment variables for the user we had everything correct, but under environment variables for system we mistyped AZURE_TENTANT_ID. Explains why it was working as a console application (run as current user) and not as a Windows Service (run as system)

DavisZ
  • 141
  • 9