Thursday, 6 February 2014

SharePoint 2013: failed to create a My Site, trusted domain

When working with SharePoint 2013, I found that personal sites were not being created. The ULS logs on the front-end web servers gave no clear indication of why creation was failing. Examining the ULS logs on the application servers, however, I found the following exception:
My Site creation failure for user 'domain\user03' for site url 'https://my.site.nl/personal/user03'. The exception was: Microsoft.Office.Server.UserProfiles.PersonalSiteCreateException: A failure was encountered while attempting to create the site. ---> Microsoft.SharePoint.SPException: Kan de gegevens voor de sleutel voor de toepassingsreferenties niet ophalen.
   at Microsoft.SharePoint.Administration.SPCredentialManager.DecryptWithApplicationCredentialKey(Byte[] rgbEncryptedPassphrase)
   at Microsoft.SharePoint.Administration.SPPeoplePickerSearchActiveDirectoryDomain.get_Password()
   at Microsoft.SharePoint.Utilities.SPActiveDirectoryDomain..ctor(SPPeoplePickerSearchActiveDirectoryDomain peoplePickerDomain)
   at Microsoft.SharePoint.Utilities.SPUserUtility.GetWindowsPrincipalResolvers(SPWebApplication webApp, String userAccountDirectoryPathRestriction, SPPrincipalResolver bySidResolver)
   at Microsoft.SharePoint.Utilities.SPUserUtility.CreatePrincipalResolvers(SPWebApplication webApp, ICollection`1 urlZones, Nullable`1 currentZone, SPPrincipalResolver bySidResolver, String userAccountDirectoryPathRestriction, Boolean alwaysAddWindowsResolver)
   at Microsoft.SharePoint.Utilities.SPUtility.ResolveWindowsPrincipal(SPWeb web, SPWebApplication webApp, String input, SPPrincipalType scopes, Boolean inputIsEmailOnly)
   at Microsoft.SharePoint.Administration.Claims.SPActiveDirectoryClaimProvider.FillResolve(Uri context, String[] entityTypes, Boolean inputIsEmailOnly, String resolveInput, List`1 resolved)
   at Microsoft.SharePoint.Administration.Claims.SPActiveDirectoryClaimProvider.FillResolve(Uri context, String[] entityTypes, SPClaim resolveInput, List`1 resolved)
   at Microsoft.SharePoint.Administration.Claims.SPClaimProvider.Resolve(Uri context, String[] entityTypes, SPClaim resolveInput)
   at Microsoft.SharePoint.Administration.Claims.SPClaimProviderOperations.Resolve(Uri context, SPClaimProviderOperationOptions mode, String[] providerNames, String[] entityTypes, SPClaim resolveInput)
   at Microsoft.SharePoint.Utilities.SPUtility.ResolvePrincipalClaims(SPWeb web, SPWebApplication webApplication, Nullable`1 urlZone, String input, SPPrincipalType scopes, SPPrincipalSource sources, SPPrincipalInfo user, Boolean inputIsEmailOnly)
   at Microsoft.SharePoint.Utilities.SPUtility.ResolvePrincipalInternal(SPWeb web, SPWebApplication webApp, Nullable`1 urlZone, String input, SPPrincipalType scopes, SPPrincipalSource sources, SPUserCollection usersContainer, Boolean inputIsEmailOnly, Boolean alwaysAddWindowsResolver)
   at Microsoft.SharePoint.Utilities.SPUtility.ResolvePrincipal(SPWebApplication webApp, Nullable`1 urlZone, String input, SPPrincipalType scopes, SPPrincipalSource sources, Boolean inputIsEmailOnly)
   at Microsoft.SharePoint.Administration.SPSiteCollection.Add(SPContentDatabase database, SPSiteSubscription siteSubscription, String siteUrl, String title, String description, UInt32 nLCID, Int32 compatibilityLevel, String webTemplate, String ownerLogin, String ownerName, String ownerEmail, String secondaryContactLogin, String secondaryContactName, String secondaryContactEmail, String quotaTemplate, String sscRootWebUrl, Boolean useHostHeaderAsSiteName, Boolean overrideCompatibilityRestriction)
   at Microsoft.SharePoint.SPSite.SelfServiceCreateSite(String siteUrl, String title, String description, UInt32 nLCID, Int32 compatibilityLevel, String webTemplate, String ownerLogin, String ownerName, String ownerEmail, String contactLogin, String contactName, String contactEmail, String quotaTemplate, SPSiteSubscription siteSubscription)
   at Microsoft.Office.Server.UserProfiles.UserProfile.<>c__DisplayClass2.b__0()
   --- End of inner exception stack trace ---
   at Microsoft.Office.Server.UserProfiles.UserProfile.<>c__DisplayClass2.b__0()
   at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass5.b__3()
   at Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated secureCode)
   at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(WaitCallback secureCode, Object param)
   at Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges(CodeToRunElevated secureCode)
   at Microsoft.Office.Server.UserProfiles.UserProfile.CreateSite(String strRequestUrl, Boolean bCollision, Int32 overrideCompatLevel, Int32 lcid).
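The inner exception message is Dutch for "Cannot retrieve the data for the application credential key", so something is wrong with the application encryption key. This key secures the credentials used to connect to the trusted domain. It is stored on each server separately, so it has to be set, with the same password, on every server that logs this exception. To fix the issue you have to use STSADM; there is no PowerShell command for this:
stsadm -o setapppassword -password SomeVeryStrongPassword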
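
To see which servers in a farm are affected, the ULS lines from each server can be searched for the stack frame shown above. The following is an added example, not code from the original post: the function name `Find-AppCredentialKeyFailure`, the server names and the sample log lines are constructed, and it assumes the message header and the failing frame sit on the same ULS line, as they do in the excerpt above.

```powershell
# Added example, not from the original post. Plain text processing only,
# no SharePoint cmdlets required.
function Find-AppCredentialKeyFailure {
    param(
        [Parameter(Mandatory)] [string] $Server,   # server the lines were read from
        [Parameter(Mandatory)] [AllowEmptyString()] [string[]] $Line   # raw ULS lines
    )
    # Stack frame from the exception above: the application credential key is unreadable.
    $frame  = 'SPCredentialManager.DecryptWithApplicationCredentialKey'
    # Header of the same ULS message; captures the affected user and site URL.
    $header = "My Site creation failure for user '(?<user>[^']+)' for site url '(?<url>[^']+)'"

    foreach ($l in $Line) {
        if ($l -notlike "*$frame*") { continue }
        $hit = [pscustomobject]@{ Server = $Server; Time = $null; User = $null; SiteUrl = $null }
        # ULS files are tab-delimited; the first column is the timestamp.
        $cols = $l -split "`t"
        if ($cols.Count -gt 1) { $hit.Time = $cols[0].Trim() }
        if ($l -match $header) {
            $hit.User    = $Matches['user']
            $hit.SiteUrl = $Matches['url']
        }
        $hit
    }
}

# Constructed sample lines: server names, process, area, category and event id
# are placeholders, and the stack trace is shortened to the frame that matters.
$wfeLine = @('02/06/2014 10:15:02.11', 'w3wp.exe', '0x0F10', 'AREA', 'CATEGORY', 'xxxx', 'Medium',
    'Request for https://my.site.nl/personal/user03 handed off.') -join "`t"
$appLine = @('02/06/2014 10:15:03.42', 'OWSTIMER.EXE', '0x1F44', 'AREA', 'CATEGORY', 'xxxx', 'Unexpected',
    ("My Site creation failure for user 'domain\user03' for site url " +
     "'https://my.site.nl/personal/user03'. The exception was: ... at Microsoft.SharePoint." +
     "Administration.SPCredentialManager.DecryptWithApplicationCredentialKey(Byte[] " +
     "rgbEncryptedPassphrase) ...")) -join "`t"

$logsByServer = [ordered]@{ 'WFE01' = @($wfeLine); 'APP01' = @($appLine) }
$hits = foreach ($name in $logsByServer.Keys) {
    Find-AppCredentialKeyFailure -Server $name -Line $logsByServer[$name]
}
# Servers listed here log the key failure and need the stsadm fix from this post.
$hits | Format-Table -AutoSize
```

For real logs, pass the output of `Get-Content` on each server's ULS file as `-Line` instead of the constructed sample.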