ADFS Adding Server to Existing Farm - "System.Data.SqlClient.SqlConnection" threw an exception

Austin Wilcox 0 Reputation points
2025-07-15T14:12:22.0666667+00:00

Hey there,

I am having this strange issue when adding a new server to an existing ADFS farm. No matter what I do, it keeps throwing a "System.Data.SqlClient.SqlConnection" error, which is weird because I am not using a SQL Server for the ADFS configuration. The existing farm uses Windows Internal Database. I have spent 3 days trying everything I can think of and there are no solutions anywhere online. I am a Network and Systems Engineer, so believe me when I say I have tried everything. Please see the list of things I have tried. There is also a screenshot of the error I am receiving. The servers are on our domain and the ADFS system is live and working fine. The farms use a group managed service account. All traffic is allowed between the servers. I am seriously out of ideas, so posting here. Thanks for any help!

The Error Message:

An error occurred while checking if the database exists: An error occurred during an attempt to connect to the AD FS configuration database. Error: The type initializer for 'System.Data.SqlClient.SqlConnection' threw an exception.. Confirm that the database hostname and instance are correct and that the specified service account has logon access to the database.

[Screenshot: 2025-07-09 1247022 (image of the error dialog, not reproduced here)]

Troubleshooting steps I have tried:

  • Fresh install of Windows Server 2019, 2022, and 2025
  • Checked Group Policy
  • Checked Group Managed Service Account
  • Set ADFS service to use GMSA
  • Updated Windows Server with latest updates
  • Installed .NET 2.0, 3.0, 4.6, 4.7, 4.8
  • Installed WID service
  • Installed IIS service
  • Turned off Windows Firewall
  • Allowed all traffic between servers on network end
  • Ensured servers can communicate to other servers via Test-NetConnection
  • Installed dedicated certificate on new servers
  • Gave read permissions to certificate private key for GMSA
  • Backup and Restore using Microsoft's dedicated ADFS Backup & Restore tool
  • Copied WID data files onto new server
  • Edited local group policy to allow logon of services
  • Ran things as administrator

1 answer

  1. Smith Pham 2,700 Reputation points Independent Advisor
    2025-07-25T08:10:36.53+00:00

    Dear Team,

    You cannot add a new ADFS server to an existing farm using Windows Internal Database (WID) if the original ADFS farm is using WID and you're selecting the "Add a federation server to a federation server farm" option. That option assumes a SQL Server-backed farm, not WID.


    Explanation:

    The error:

    System.Data.SqlClient.SqlConnection threw an exception

    ...means the ADFS wizard is trying to connect to SQL Server, but your existing farm uses WID, which doesn't support adding secondary servers directly via that wizard.


    Correct Steps to Join a New ADFS Server to a WID Farm:

    Install ADFS role on the new server.

    Use PowerShell, not the GUI wizard:

    # -CertificateThumbprint is a required parameter of Install-AdfsFarmNode;
    # use the thumbprint of the service communications certificate installed
    # in the new server's LocalMachine\My store (placeholder below).
    Install-AdfsFarmNode `
        -PrimaryComputerName "YourPrimaryADFSHost.domain.com" `
        -GroupServiceAccountIdentifier "domain\gmsa$" `
        -CertificateThumbprint "<SSL-CERT-THUMBPRINT>"

    PrimaryComputerName: The original ADFS server using WID.

    GroupServiceAccountIdentifier: Your Group Managed Service Account.

    ⚠️ Do not use the SQL Server setup screen or "Specify Farm" UI path — that's only for SQL-backed ADFS farms.


    Checklist to Ensure Success:

    All ADFS servers must be on the same domain.

    WID feature must be installed (Windows Internal Database feature).

    The GMSA account must be allowed to log on as a service.

    Firewall must allow TCP 80, 443, and 5985 (WinRM) between servers.


    Reference:

    • Microsoft Docs – Join ADFS Farm with WID

    Best Regards,

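The checklist in the answer above can be verified before running Install-AdfsFarmNode. The following pre-flight script is an added example, not code from the question, the answer or Microsoft; it assumes the RSAT ActiveDirectory module is present on the new node, and the primary host name, gMSA name and certificate thumbprint are placeholders for your environment.

```powershell
# Run on the NEW ADFS node before joining it to the WID farm.
$Primary    = "YourPrimaryADFSHost.domain.com"   # placeholder: primary (WID) federation server
$Gmsa       = "gmsa$"                            # placeholder: gMSA sAMAccountName, trailing $
$Thumbprint = "<SSL-CERT-THUMBPRINT>"            # placeholder: service communications cert

$results = [ordered]@{}

# 1. Domain membership: every farm member must be in the same domain.
$cs = Get-CimInstance Win32_ComputerSystem
$results["Domain-joined ($($cs.Domain))"] = [bool]$cs.PartOfDomain

# 2. Required role and feature present on this node.
foreach ($f in "ADFS-Federation", "Windows-Internal-Database") {
    $results["Feature $f installed"] = (Get-WindowsFeature -Name $f).Installed
}

# 3. This host can retrieve the gMSA password (it must be listed in the
#    account's PrincipalsAllowedToRetrieveManagedPassword).
Import-Module ActiveDirectory
$results["gMSA $Gmsa usable on this host"] = Test-ADServiceAccount -Identity $Gmsa

# 4. Certificate is in the machine store and its private key is available.
$cert = Get-ChildItem Cert:\LocalMachine\My | Where-Object Thumbprint -eq $Thumbprint
$results["Certificate present with private key"] = ($null -ne $cert -and $cert.HasPrivateKey)

# 5. The primary is reachable on the ports the answer lists (80, 443, 5985/WinRM).
foreach ($port in 80, 443, 5985) {
    $tnc = Test-NetConnection -ComputerName $Primary -Port $port -WarningAction SilentlyContinue
    $results["TCP $port to $Primary"] = $tnc.TcpTestSucceeded
}

# PASS/FAIL summary: clear every FAIL line before running Install-AdfsFarmNode.
$results.GetEnumerator() | ForEach-Object {
    "{0,-5} {1}" -f $(if ($_.Value) { "PASS" } else { "FAIL" }), $_.Key
}
```

Run it in an elevated PowerShell session as a domain account that can read the gMSA object; a FAIL on step 3 is the usual cause of the "service account has logon access" part of the error text.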
