Error when you use the Set-MsolADFSContext command: The connection to <ServerName> Active Directory Federation Services 2.0 server failed
Applies to: Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012
Original KB number: 2587730
Symptoms
When you run the Set-MsolADFSContext -Computer command in the Microsoft Azure Active Directory module for Windows PowerShell, you receive the following error:
Set-MsolADFSContext : The connection to <ServerName> Active Directory Federation Services 2.0 server failed due to invalid credentials.
Note
Azure AD and MSOnline PowerShell modules are deprecated as of March 30, 2024. To learn more, read the deprecation update. After this date, support for these modules are limited to migration assistance to Microsoft Graph PowerShell SDK and security fixes. The deprecated modules will continue to function through March, 30 2025.
We recommend migrating to Microsoft Graph PowerShell to interact with Microsoft Entra ID (formerly Azure AD). For common migration questions, refer to the Migration FAQ. Note: Versions 1.0.x of MSOnline may experience disruption after June 30, 2024.
Cause
This error occurs if Remote PowerShell isn't enabled on the Active Directory Federation Services (AD FS) federation server that the -computer parameter references.
When a domain is added correctly and verified in the portal, you can use the Azure Active Directory module for Windows PowerShell to set up single sign-on (SSO) from a management workstation by using Remote PowerShell.
However, the Azure Active Directory module for Windows PowerShell can only be installed on Windows 7 and on Windows Server 2008 SR2. The Azure Active Directory module for Windows PowerShell can't be installed on Windows Server 2008 Service Pack 2 (SP2). Therefore, this problem is especially relevant where AD FS is installed on a Windows Server 2008 SP2 platform. In this case, the Azure Active Directory module for Windows PowerShell command that's related to AD FS must be issued from a remote computer.
Resolution
To enable Remote PowerShell on the AD FS federation server, follow these steps:
Start Windows PowerShell as an administrator. To do this, right-click the Windows PowerShell shortcut, and then select Run As Administrator.
To set up Windows PowerShell for remoting, type the following command, and then press Enter:
Enable-PSRemoting -force
More information
For more information about Remote PowerShell requirements, see About_Remote_Requirements.
For more information about Remote PowerShell functionality, see Windows PowerShell: Dive Deep into Remoting.
Still need help? Go to Microsoft Community or the Microsoft Entra Forums website.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for