none
AD FS Fails

    Question

  • I did setup AD FS but in the dashboard under services it says adfssrv is "Start Pending". Looking at the Local Server services I have 5 failing:

    User Access Logging Service, UALSVC, Stopped
    Diagnostic Policy Service, DPS, Stopped
    Active Directory Federation Services, adfssrv, Start Pending
    Windows Server Essentials Media Streaming Service, WseMediaSvc, Stopped
    Distributed Transaction Coordinator, MSDTC, Stopped

    If I got to Event Viewer I see a bunch of entries including

    Warning, Event 2947, An attempt to fetch the password of a group managed service account failed...CN=ADFSService. This is the new service account I created. Please note that I uninstalled and reinstalled AD FS a few times. After uninstalling I removed the service account with remove-adserviceaccount -identity adfsservice.

    Warning, Event 94, Active Directory Certificate Services [domain]-[computername]-CA can not open the certificate store at CN=NTAuthCertificates.... I checked the permissions on the Public Key Services and they appear correct to me.

    Error, Event 91, Could not connect to the Active Directory. Active Directory Certificate Services will retry when processing requires Active Directory use.

    I checked the serive account with test-adserviceaccount adfsservice which come back good (TRUE).

    Any help is appreciated. Btw, this is on Windows Server 2012 R2 with the Essentials experience installed.

    Wednesday, February 26, 2014 10:44 PM

Answers