locked
ADFS Service Unavailable RRS feed

  • Question

  • Hi, I originally posted this question in the Edge Servers forums, but I was told the W2k8 R2 Management forums is where I was supposed to post.  http://social.technet.microsoft.com/Forums/en/ocsedge/thread/68c77c8a-ddd9-47d8-9c6e-577a5c272ac0

     

    I have Active Directory Federation Services installed on two W2k8 R2 domain controllers in two different forests.  Everything seems to run fine and I'm not getting any errors in the event logs.  The issue is when I try to add an ADFS proxy server or ADFS web agent server and point them to my federation server, at the validation point I get the error Unavailable.  It should be noted that I'm running the ADFS that comes built in W2k8 R2, and not the downloaded 2.0 RC version.

    If I browse to the website https://<server fqdn>/adfs/fs it works just fine, and I get the FederationServerService web page with a list of command links like GET and REQUEST.  However if I browse to https://<server fqdn>/adfs/fs/federationserverservice.asmx I get an error "HTTP error 503. The Service is Unavailable."  I'm also still stuck with the issue that no other servers can validate my federation server.  I have also tried using the ADFS 2.0 RC and I have the same issues.

    Thanks for any help in advance.

    Tuesday, April 27, 2010 11:51 AM

All replies

  • Hi,

     

    To narrow down the cause of the issue, I suggest that you access the URL https://localhost/adfs/fs/federationserverservice.asmx on the ADFS server and check the result. If you still get the HTTP error 503, the issue seems to be more related to IIS. The following KB article could be helpful to troubleshoot the issue:federationserverservice.asmx

     

    The HTTP status codes in IIS 7.0

    http://support.microsoft.com/kb/943891

     

    503.0 - Service unavailable. The request is sent to an application pool that is currently stopped or that is currently disabled. To resolve this issue, make sure that the destination application pool is started. The event log may give information about why the application pool is stopped or disabled.


    This posting is provided "AS IS" with no warranties, and confers no rights.
    Wednesday, April 28, 2010 7:52 AM
  • Thanks for the feedback, and thanks for the link to those error codes; that is a useful page.

    Unfortunately it is still not working.  I still get the error when going to https://localhost/adfs/fs/federationserverservice.asmx.  I checked the App Pool in IIS, and it looks fine to me.  I also checked for any errors in the Event Logs (IIS, ADFS, Application, and System), but there are no errors.  There isn't anything recent at all related to ADFS, no Information, Warnings, or Errors.  I'm still not sure what to do at this point.

    Wednesday, April 28, 2010 10:27 PM
  • Hi,

    Have you tried to access the URL on the local server? Please let me know the result, so that I can better understand the issue.

    Thanks.


    This posting is provided "AS IS" with no warranties, and confers no rights.
    Thursday, April 29, 2010 1:27 AM
  • Yes, I have tried it from the local server and remote systems.  I have tried it with an admin account and a non-admin account as well.  The SSL certificate is also good with no errors when accessing the system using it's FQDN.

    I have read all the guides and how to's on TechNet that I can find on configuring ADFS.  I've even read the local help files.  I can't help but think I'm overlooking something simple, but I just can't seem to find it.  I've re-setup ADFS on these systems and completely removed IIS several times, just to see if I overlooked anything.

    I wanted to add something...I ran the ADFS Diagnostic Tool on this server and it passed.  When I try to setup ADFS Web Component on my SharePoint server and point to my ADFS server, when it tried to validate I get the error "Service Unavailable".  That's what originally led me down this path.  The troubleshooting I looked up said to check the URL https://<server fqdn>/adfs/fs/federationserverservice.asmx to verify it is working correctly, so that's where I am.  I still get the Service Unavailable at that URL as well as the Web Component validation.

    Thursday, April 29, 2010 11:41 AM
  • Hi,

     

    Based on the current situation, I suggest that you contact Microsoft Customer Support Service (CSS) for assistance. The experts who are familiar with IIS and ADFS there can help you debug the issue and identify the cause efficiently.

     

    For a complete list of Microsoft Product Support Services phone numbers and information about support costs, please go to the following address on the World Wide Web:

    http://support.microsoft.com/directory/overview.asp

     

    Thanks.


    This posting is provided "AS IS" with no warranties, and confers no rights.
    Tuesday, May 4, 2010 2:00 AM
  • Ok, I may have to do that.  Thank you for trying to help with this, I do appreciate it.
    Tuesday, May 4, 2010 11:07 AM
  • Hi,

    Thank you for your understanding.

    After the issue is resolved, please post the cause and resolution here so that it can benefit other community.

    Hope the issue can be resolved soon.

     


    This posting is provided "AS IS" with no warranties, and confers no rights.
    Wednesday, May 5, 2010 1:28 AM