ADFS - Endpoint Trust Error - MSIS7615

  • Question

  • When attempting to update WS-Federation metadata from a relying party member,
    an error message is displayed with the following:

    "An error occurred during an attempt to access the AD FS configuration database: Error message: MSIS7615: The trusted endpoints specified in a relying party trust must be unique for that relying party trust."

    I noticed that it could not and would not overwrite existing ws-federation endpoints.
    Removing monitoring of the metadata file, removing all existing endpoints, and reapplying the monitoring
    allows it to update without an issue.
    However, the next iteration for updating metadata shows the same message again.
    I looked everywhere on the internet, but no one seems to have the same issue as I do.

    Is there a patch for Windows Server 2012 to allow it to overwrite existing ws-federation endpoints, should they exist, during auto update of metadata?

    Anyone who has a similar issue or insight into this rare problem will be appreciated. Thanks! Cheers.

    Monday, October 3, 2016 2:17 PM

All replies

  • Hi,

    Is this a 3rd-party app? RPs that support WS-Federation metadata exchange are fairly rare birds :) Have you tried recreating the RP from scratch? Does it exhibit the same behavior? 


    http://blog.auth360.net


    • Edited by Mylo Tuesday, October 4, 2016 12:41 AM
    Tuesday, October 4, 2016 12:40 AM
  • Apologies for the late reply.
    It is a Microsoft application.
    Also recreated the RP as well.
    This error doesn't seem to want to go away.
    At this point I'm for any suggestions that will make it work.

    Tuesday, October 4, 2016 1:38 PM
  • Hi VeeGeeTea,

    Which specific Microsoft application is this? I'll see if I can recreate.


    http://blog.auth360.net

    Tuesday, October 4, 2016 5:17 PM
  • Any update here?

    Tuesday, October 11, 2016 10:31 AM
  • Apologies once again, got caught with other projects.

    It seems that when AD FS attempts to auto-update from a designated location with multiple ws-federation passive endpoints declared in the metadata, it fails with that message.

    If you delete the endpoints, you will be able to update it manually until it attempts to auto-update again and ends up with the same fate as above.

    Thursday, November 10, 2016 5:41 PM
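
Added example, not part of the thread and not Microsoft's code: a pre-import check that lists every WS-Federation passive endpoint in a relying party's federation metadata and flags addresses declared more than once, which is the condition MSIS7615 complains about. The sample metadata, the host `app.example.test`, the function names and the normalisation rule (case and a trailing slash ignored) are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "fed": "http://docs.oasis-open.org/wsfed/federation/200706",
      "wsa": "http://www.w3.org/2005/08/addressing"}
XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"

def _ep(url):  # helper used only to build the constructed sample below
    return ("<fed:PassiveRequestorEndpoint><wsa:EndpointReference><wsa:Address>"
            + url + "</wsa:Address></wsa:EndpointReference></fed:PassiveRequestorEndpoint>")

# Constructed sample metadata (hypothetical host app.example.test), not from the thread.
SAMPLE_METADATA = (
    '<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"'
    ' xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706"'
    ' xmlns:wsa="http://www.w3.org/2005/08/addressing"'
    ' xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"'
    ' entityID="https://app.example.test/">'
    '<RoleDescriptor xsi:type="fed:ApplicationServiceType"'
    ' protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706">'
    + _ep("https://app.example.test/signin") + _ep("https://app.example.test/other")
    + '</RoleDescriptor>'
    '<RoleDescriptor xsi:type="fed:SecurityTokenServiceType"'
    ' protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706">'
    + _ep("https://app.example.test/SignIn/")
    + '</RoleDescriptor></EntityDescriptor>')

def passive_endpoints(metadata_xml):
    """Return (role type, address) for every WS-Federation passive endpoint."""
    # The stdlib parser keeps this dependency-free; use a hardened XML parser
    # for metadata fetched from a partner-controlled URL.
    root = ET.fromstring(metadata_xml)
    out = []
    for role in root.findall("md:RoleDescriptor", NS):
        for addr in role.findall(
                "fed:PassiveRequestorEndpoint/wsa:EndpointReference/wsa:Address", NS):
            if addr.text and addr.text.strip():
                out.append((role.get(XSI_TYPE, "?"), addr.text.strip()))
    return out

def duplicate_endpoints(endpoints):
    """Group addresses that collide after a strict normalisation (assumption:
    case and a trailing slash are ignored; AD FS's own rule is not on the page)."""
    groups = defaultdict(list)
    for role, addr in endpoints:
        groups[addr.lower().rstrip("/")].append((role, addr))
    return {k: v for k, v in groups.items() if len(v) > 1}

if __name__ == "__main__":
    for key, hits in duplicate_endpoints(passive_endpoints(SAMPLE_METADATA)).items():
        print(key, "declared", len(hits), "times:", hits)
```

Running it against the metadata document the trust monitors, before re-enabling monitoring, shows whether the publisher itself repeats an address across role descriptors.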