ADFS Login error System.ArgumentOutOfRangeException: Not a valid Win32 FileTime.

Manoj Batchu 5 Reputation points
2023-11-02T01:59:26.5+00:00

We have a Dynamics CRM application hosted in Domain A with ADFS, and users are available in Domain A and Domain B. A one-way forest trust with Selective Authentication is configured between the forests.

As Selective Authentication is enabled, we provided 'Allowed to Authenticate' permissions for the Domain B Domain Users group on the Domain A computer accounts where the application is hosted.

We are able to log in to the Dynamics CRM application with users from Domain A. However, we get the error message below when we try to access the application with users in Domain B.

ServiceHostManager.LogFailedAuthenticationInfo: Token of type 'http://schemas.microsoft.com/ws/2006/05/identitymodel/tokens/UserName' validation failed with following exception details:
System.ArgumentOutOfRangeException: Not a valid Win32 FileTime.
Parameter name: fileTime
   at System.DateTime.FromFileTimeUtc(Int64 fileTime)
   at Microsoft.IdentityServer.Tokens.LsaLogonUserHelper.GetPasswordExpiryDetails(SafeLsaReturnBufferHandle profileHandle, DateTime& nextPasswordChange, DateTime& lastPasswordChange)
   at Microsoft.IdentityServer.Tokens.LsaLogonUserHelper.GetLsaLogonUserInfo(SafeHGlobalHandle pLogonInfo, Int32 logonInfoSize, DateTime& nextPasswordChange, DateTime& lastPasswordChange, String authenticationType, String issuerName)
   at Microsoft.IdentityServer.Tokens.LsaLogonUserHelper.GetLsaLogonUser(String domain, String username, String password, DateTime& nextPasswordChange, DateTime& lastPasswordChange, String issuerName)
   at Microsoft.IdentityServer.Service.LocalAccountStores.ActiveDirectory.ActiveDirectoryCpTrustStore.ValidateUser(IAuthenticationContext context)
   at Microsoft.IdentityServer.Service.Tokens.MsisLocalCpUserNameSecurityTokenHandler.ValidateTokenInternal(UsernameAuthenticationContext usernameAuthenticationContext, SecurityToken token)
   at Microsoft.IdentityServer.Service.Tokens.MsisLocalCpUserNameSecurityTokenHandler.ValidateToken(SecurityToken token)