locked
ADFS Proxy fails and needs to be reconfigured RRS feed

  • Question

  • Hi,

    About once a month our ADFS Proxy server starts failing until I re-run the configuration wizard.

    In the event log we see these 364 errors for failed attempts to authenticate:

    Encountered error during federation passive request.

    Additional Data

    Exception details:

    Microsoft.IdentityServer.Web.RequestFailedException: MSIS7012: An error occurred while processing the request. Contact your administrator for details. ---> System.ServiceModel.FaultException: System.ServiceModel.FaultException: MSIS3127: The specified request failed.

       at Microsoft.IdentityServer.Protocols.WSTrust.WSTrustClientManager.Issue(Message request, WCFResponseData responseData)

       at Microsoft.IdentityServer.Protocols.WSTrust.WSTrustClient.Issue(RequestSecurityToken rst, WCFResponseData responseData)

       at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.SubmitRequest(MSISRequestSecurityToken request)

     

       --- End of inner exception stack trace ---

    System.ServiceModel.FaultException: System.ServiceModel.FaultException: MSIS3127: The specified request failed.

       at Microsoft.IdentityServer.Protocols.WSTrust.WSTrustClientManager.Issue(Message request, WCFResponseData responseData)

       at Microsoft.IdentityServer.Protocols.WSTrust.WSTrustClient.Issue(RequestSecurityToken rst, WCFResponseData responseData)

       at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.SubmitRequest(MSISRequestSecurityToken request)

    From the users point of view they see the login page then after entering credentials and continuing, it fails.

    ADFS Proxy is running on Windows 2008 R2, is not domain joined and the time is the same as the ADFS server.

    After deleting the IIS site/pool and re-running the configuration wizard, users are able to authenticate again.

    Very annoying issue, any ideas?

    Regards,

    Andrew

    Wednesday, March 9, 2016 2:13 AM