This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 15%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJB%3C/text%3E%3C/svg%3E)
I get an error when configuring ADFS for the first time. I search the internet and found only little information about this so I am posting for help here.
Hello,
We need more details to troubleshoot the issue further like the steps you performed, logs, event viewer messages etc.. Meantime, check it again by disabling Windows Firewall
Thanks, Manu
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 57.00000000000001%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Could you please provide complete error and any events during this configuration?
Normal steps in configuring via Server Manager console. At the end of the configuration steps it says The server is not operational.
These are from event logs.
Hello,
Although it reports a certificate issue, the root cause can be a permission also. So, first make sure that the certificate is fine. If you check event log, you may see messages like 'AD FS detected that all the service certificates have appropriate access given to the AD FS service account.'. This shows that certificate is fine.
Have you tried to install ADFS by domain account? Try installing with Local System Administrator account also and see if you are able to succeed
Thanks,
Manu
I See no logs pertaining to 'AD FS detected that all the service certificates have appropriate access given to the AD FS service account.' I tried installing using domain admin account and still same error. Also tried with account that is a member of the local admin of the server. I tried re-installing several times and I always get this error on MSSQL event ID 9645 (screenshot from the thread). Something about the sql broker. I'm confused since I am not using SQL. I am using WID.
already replied above.
Hello @Janus Bariñan ,
Have you tried the Microsoft solution here: https://support.microsoft.com/en-us/help/2832204/mssql-microsoft-wid-service-was-unable-to-log-on-as-nt-service-mssql-m
Thanks,
Manu
Yes already did that. Even added both NT SERVICE\MSSQL$MICROSOFT##WID and NT SERVICE\ALL SERVICES and still get "The server is not operational"
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 17%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMG%3C/text%3E%3C/svg%3E)
I get an error close to the OP...
I am logged into the server under the domain admin account, I install ADFS and go to configure it, and error out with one of two errors... Nor can I always reproduce the same errors...
This is my most common one...
You do not have sufficient privileges to create a container in Active Directory at location CN=b068000d-5ee5-4d86-9fc2-ab9823eae29e,CN=ADFS,CN=Microsoft,CN=Program Data,DC=____,DC=com for use with sharing certificates. Verify that you are logged on as a Domain Admin or have sufficient privileges to create this container, and try again.
I already have a folder structure for ADFS THOUGH it is now what shows above, it has it under the DC=, CN=Program Data, CN=MICROSOFT, CN=ADFS, and then a bunch of sub folders