When you say you are using a local admin account, you mean a local account which is admin? Or a domain account which is a member of the local administrators group?
The error message suggests a Kerberos authentication erreur. So that you used a local account. There's no Kerberos authentication possible when using a local account.
ADFS FBL Raise Fail
I tried to raise the ADFS FBL with Test-AdfsFarmBehaviorLevelRaise
Test-AdfsFarmBehaviorLevelRaise : Database upgrade cannot be performed on xxx Error: Connecting to remote server xxx failed with the following error message : WinRM cannot process the request. The following error with errorcode
0x8009030e occurred while using Kerberos authentication: A specified logon session does not exist. It may already have been terminated.
I checked that Windows Remote Manager service is running.
I checked that TCP 5985 is not blocked.
I am running the command on the primary server and it is a single node farm. I have checked the ADFS service is in good health before I run this command.
Any advice on how I can raise the FBL?
I am using a local admin account to raise the FBL. Is it that problem? If I can only use a local admin account, do I need to add certain permissions?
-
Pierre Audonnet - MSFT 10,181 Reputation points Microsoft Employee
2021-06-11T13:10:32.707+00:00