locked
ADFS Portal Issues RRS feed

  • Question

  • Hi,

    Our organization's SSO portal is having some issues, such as when going to https://sso.domainname.com/adfs/portal it returns the error 

    Activity ID: 00000000-0000-0000-f204-0080000000b5
    Error time: Tue, 16 Jan 2018 21:24:52 GMT
    Cookie: enabled
    User agent string: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36

    Event Logs does show an error when I try to load it, however I can't seem to find anywhere on the internet what it means

    - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    - <System>
      <Provider Name="AD FS Tracing" Guid="{0457a490-4d4d-4a5b-b639-35382f1b6709}" /> 
      <EventID>87</EventID> 
      <Version>0</Version> 
      <Level>2</Level> 
      <Task>0</Task> 
      <Opcode>0</Opcode> 
      <Keywords>0x8000000000020000</Keywords> 
      <TimeCreated SystemTime="2018-01-17T22:35:48.467968600Z" /> 
      <EventRecordID>2</EventRecordID> 
      <Correlation ActivityID="{00000000-0000-0000-A50D-0080000000B3}" /> 
      <Execution ProcessID="5040" ThreadID="7856" ProcessorID="0" KernelTime="0" UserTime="0" /> 
      <Channel>AD FS Tracing/Debug</Channel> 
      <Computer>SSO.domainnanme.com</Computer> 
      <Security UserID="xxxxxxxxx" /> 
      </System>
    - <UserData>
    - <Event xmlns="http://schemas.microsoft.com/ActiveDirectoryFederationServices/2.0/Events">
      <EventData>Portal listener error</EventData> 
      </Event>
      </UserData>
      </Event>


    ADFS does partly work as I can get to https://sso.domainname.com/adfs/ls/idpinitiatedsignon.aspx and that displays the relay sites etc, This server is Windows Server 2012 R2


    Thanks


    • Edited by willwilson Wednesday, January 17, 2018 10:47 PM Adding more detail
    Wednesday, January 17, 2018 6:23 PM

All replies

  • Does anyone have any clue? Still having the issue.
    Saturday, January 20, 2018 7:22 PM
  • Well, there is nothing to expect going to https://sso.domainname.com/adfs/portal that's not an endpoint displaying anything. What would you expect to see that? What are you using this URL for?

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Thursday, January 25, 2018 4:05 PM
  • Hi,

    It also shows this error when trying to get to https://sso.domainname.com/adfs/portal/updatepassword/

    However it still shows that error, unsure why.

    Monday, January 29, 2018 8:33 PM
  • Hello,

    try this and see if you get any error:

    https://sso.domainname.com/adfs/ls/idpinitiatedSignOn.aspx?

    this should list all your RP if there are any.

    Let me know if you see any error


    Isaac Oben MCITP:EA, MCSE,MCC <a href="https://www.mcpvirtualbusinesscard.com/VBCServer/4a046848-4b33-4a28-b254-e5b01e29693e/interactivecard"> View my MCP Certifications</a>

    Thursday, February 1, 2018 7:26 AM
  • Hi,

    No error on that, It shows the 'You are not signed in' with the options for 'Sign into this site.' which is seeming to be alright, however the other mentioned urls, doesn't work


    Thursday, February 1, 2018 11:51 AM
  • The updatepassword endpoint is not enabled by default. You need to enable it if you want to reach it:

    Enable-AdfsEndpoint "/adfs/portal/updatepassword/"
    Set-AdfsEndpoint "/adfs/portal/updatepassword/" -Proxy:$true

    The services (ADFS and WAP) need to be restarted after running these.

    Regarding the URL https://sso.domainname.com/adfs/portal, there is nothing there. So nothing to expect.


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Monday, February 5, 2018 1:53 PM
  • Hi,

    I've done what you said however I'm still getting the following:

    Activity ID: 00000000-0000-0000-26bf-0080000000b3
    Error time: Thu, 08 Feb 2018 22:30:55 GMT
    Cookie: enabled
    User agent string: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36
    

    I restarted the services, didn't work, so I've even rebooted the whole server but still having the same issue.

    Thursday, February 8, 2018 10:32 PM
  • There is NOTHING at the endpoint: https://sso.domainname.com/adfs/portal.

    Do you have the error when you try to reach the URL: https://sso.domainname.com/adfs/portal/updatepassword/?

    The actual error message shows up on the AD FS Admin event logs on the ADFS server. What does it say?


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Friday, February 9, 2018 7:16 PM