locked
Event ID: 102 - after applying new role and certificate - ADFS 3.0 RRS feed

  • Question

  • I have installed the ADFS role on and everything seems to have gone through correctly. Except when the services start they return this error message. 

    I have checked the permissions on the certificate store for the cert and it all seems correct.

    Event ID: 102

    There was an error in enabling endpoints of Federation Service. Fix configuration errors using PowerShell cmdlets and restart the Federation Service. 

    Additional Data 
    Exception details: 
    System.ArgumentNullException: Value cannot be null.
    Parameter name: certificate
       at System.IdentityModel.Tokens.X509SecurityToken..ctor(X509Certificate2 certificate, String id, Boolean clone, Boolean disposable)
       at Microsoft.IdentityServer.Service.Configuration.MSISSecurityTokenServiceConfiguration.Create(Boolean forSaml, Boolean forPassive)
       at Microsoft.IdentityServer.Service.Policy.PolicyServer.Service.ProxyPolicyServiceHost.ConfigureWIF()
       at Microsoft.IdentityServer.Service.SecurityTokenService.MSISConfigurableServiceHost.Configure()
       at Microsoft.IdentityServer.Service.Policy.PolicyServer.Service.ProxyPolicyServiceHost.Create()
       at Microsoft.IdentityServer.ServiceHost.STSService.StartProxyPolicyStoreService(ServiceHostManager serviceHostManager)
       at Microsoft.IdentityServer.ServiceHost.STSService.OnStartInternal(Boolean requestAdditionalTime)


    Monday, March 7, 2016 9:00 AM

All replies

  • check this article for the similar behavior and the possible solution provided.

    http://social.technet.microsoft.com/wiki/contents/articles/2127.ad-fs-2-0-the-service-fails-to-start-and-error-events-352-102-and-220-describing-an-operationalfault-are-logged.aspx

    Monday, March 7, 2016 10:21 AM
  • Looked in to that article it relates to ADFS 2. I am using a windows 2012r2 server with ADFS 3.0 installed.

    Tried the solution but it made no difference.

    Monday, March 7, 2016 11:06 AM
  • Can you enable the AD FS Tracing/Debug log, restart the service and disable the log?

    And share some sanitized data. Thanks!


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Monday, March 7, 2016 12:15 PM
  • Please grant the certificate permission for the ADFS service acct. Permission is read.

    Regards,

    Biswajit

    MCTS, MCP 2003,MCSA 2003, MCSA:M 2003, CCNA, Enterprise Admin, ITIL F 2011

    Blog:   Script Gallary:   LinkedIn:   

    Note: Disclaimer: This posting is provided & with no warranties or guarantees and confers no rights..

    Friday, December 30, 2016 1:39 PM
  • What's the status here?

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.


    Saturday, January 7, 2017 6:37 PM