Problem adfs farm

Alan Ferreira Maia 26 Reputation points
2020-06-22T21:41:02.323+00:00

Hello,
They could help me, I have a problem in farm adfs, I have a primary and a secondary adfs and they are in a Microsoft NLB, when I restart my primary adfs the entire authentication environment falls, I validated all certificates in the adfs and WAPs , would this compartment be normal?
Would any procedure work around this problem?

Thanks

Alan F Maia

Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,261 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Pierre Audonnet - MSFT 10,191 Reputation points Microsoft Employee
    2020-06-23T12:59:49.017+00:00

    Microsoft NLB doesn't provide a full proof fault tolerance. A node will be considered up as soon as the TCP-IP stack of the machine is up and running whereas the ADFS service might not be running yet.

    That said, if you turn off complete one node, you should expect the authentication to work on the second node... I would start by creating an entry in your HOSTS file to make your ADFS FQDN point to the secondary node in a normal operation mode (2 nodes are up). And see if authentication works. If it does work, you have a NLB issue. If it doesn't work, you have an ADFS issue and we'll need to check if the database sync works properly and what not. For that second part, you can use these tool: Diagnostics Analyzer.

    0 comments No comments

  2. Alan Ferreira Maia 26 Reputation points
    2020-06-24T17:40:04.383+00:00

    I will perform updates on the server, since it is out of date, I should do it in a few weeks.
    I will follow this line before I continue troubleshooting

    Thanks

    Alan Ferreira Maia

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.