ADFS with WAP 2016 - http 503 service unavailable

  • Question

  • Good day!

    I'm installing ADFS and WAP 2016.
    I have two forests: one resource forest with servers and one forest with user accounts.
    There is only a one-sided trust relationship between the forests. The forest of user accounts does not trust the resource forest.
    I have configured a localclaimprovidertrust on ADFS with the users forest and it's OK. All users are authenticated fine. BUT IWA doesn't work. Only FBA.
    Next, I installed the WAP server in the resource forest.
    All successfully. All tests in PowerShell are successful. No errors.
    I'm trying to publish the application at https://test.domain.local, which resolves to the WAP server IP address 10.0.0.1. The ADFS server URL https://adfs.domain.local also resolves to the IP address of the WAP (10.0.0.1). So all the requests go through it.
    As a result, I get an HTTP 503 error - service unavailable.
    If I change the DNS record adfs.domain.local to the IP of the ADFS server 10.0.0.2 (not the WAP as before), then I get the ADFS screen with errors 511 and 364. Which is logical.
    What is my problem?
    Thanks in advance for answers.

    Thursday, April 5, 2018 12:50 PM