Re: ADFS Step-by-step scenario : my config doesn't work :(
- From: "Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 20 Dec 2006 10:12:00 -0600
Are you trying to set up a trust using a forest trust or are you using ADFS
with the standard PKI trust approach? If using PKI, the domains should
never communicate.
Since that is the typical scenario you'd use when federating with an outside
organization, that's what I'd normally try to set up, but it depends on how
you are planning to use the product.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"SC" <seth666@xxxxxxxxx> wrote in message
news:1166623487.264280.257750@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,
I'm trying to setup a config as told in the ADFS Step by Step Guide but
I still have troubles.
-----DCs (adfsresource & adfsaccount)-----
It seems that both DCs -adfsaccount and adfs resource- (with ADFS
Federation Service, self signed cert,....) are well configured except
the fact that i haven't noticed any trafic between the DCs. I sniffed
my network thanks to Ethereal. I think it's normal that no trafic is
exchanged because my DCs haven't received any request from adfsweb.
1st question/
Is there a way to force an ADFS communication between the DCs in order
to check if the Trust is successful?
-----adfsweb-----
adfsweb has IIS 6 RK tools, self signed cert,..., configured.
On the Application Server MMC, if I right click on 'Web Sites', I can
access to the "ADFS Web Agent" tab.
If i launch IE, I can access
https://adfsresource.treyresearch.net/adfs/fs/FederationServerService.asmx
(which is the URL configured in ADFS Web Agent tab) from adfsaccount,
adfsresource, adfsweb and my client.
If I try to access the "ADFS Web Agent" tab of 'Default Web Site' and
'stepbystep', the following error is prompted :
"An error occured while initializing the ADFS Web Agent properties
page."
2nd question/
Is that normal that I can only access the 'Web Sites' "ADFS Web Agent"
tab and get an error if I try accessing the "ADFS Web Agent" tab of
'Default Web Site' and 'stepbystep' ?
-----Trying to access adfsweb from a client----
When trying to access adfsweb from my client, I get an http 403 error
telling me that i'm not authorized to view this page.
I sniffed my network and the only trafic is between the client and
adfsweb.
==> adfsweb seems to never try to reach adfsaccount or adfsresource
If I look at the events generated on adfsweb, I can't see any failure
event related to my access attempt.
I also looked at the C:\ADFS\logs\ifsap.log and there's no new line :(
If someone can answers my questions and see what is wrong in my config.
Thanks for the help
SC
.
- References:
- Prev by Date: Export Dist groups from AD using CSVDE???
- Next by Date: Group policy push to add HKLM/software/ODBC
- Previous by thread: ADFS Step-by-step scenario : my config doesn't work :(
- Next by thread: RE: Restoration of Domain Controller on different hardware system
- Index(es):
Relevant Pages
|
Loading
