Federation Services - Initial Configuration Help


  • Hello,

    Let me know if there is a better place to post this question...

    I have a new install of ADFS that isn't working.  I've been using the technet article labelled "Checklist: Use AD FS to implement and manage single sign-on" as a guideline.  I have gotten to the point where I have dual federation servers with the roles installed on dedicated servers, and NLB installed on each as well.  Also, I'm using a wildcard cert for my domain.

    What is working... I can visit these pages locally on each server:


    But, I cannot visit the same URL using the FQDN of my NLB cluster name (it is pingable):

    I know my NLB is working properly; for example, I can RDP to each federation server (say "" and "").  And I can RDP to "" - I get redirected to the primary.  If in NLB I stop the primary, when I RDP to again I get directed to the 2nd server.  So that's good.

    When I do a packet capture from my PC to (in the LAN), I see the HTTPS traffic going back and forth, but ultimately ending in a reset (I don't know how to fully understand the communication shown in a packet capture).

    16806 8.649136 TCP 54 https > 49632 [RST, ACK] Seq=1 Ack=127 Win=0 Len=0

    (server =, PC

    Any tips on troubleshooting?

    Friday, April 25, 2014 12:13 AM


  • I re-installed all four servers and the issue went away.  I think the problem was related to service account permissions for accessing the local WID DB.
    • Marked as answer by Drew.Prince Friday, May 09, 2014 12:44 PM
    Friday, May 09, 2014 12:44 PM
