Event ID 610 — Trust Policy and Configuration
Applies To: Windows Server 2008
.jpg)
The Active Directory Federation Services (AD FS) trust policy file defines the set of parameters that a Federation Service requires to identify partners, certificates, account stores, claims, and the various properties of these entities that are associated with the Federation Service.
Event Details
| Product: | Windows Operating System |
| ID: | 610 |
| Source: | Microsoft-Windows-ADFS |
| Version: | 6.0 |
| Symbolic Name: | WebConfigurationException |
| Message: | An unexpected exception was encountered when reading the web.config section '%1': Section: %1 Additional Data Exception information: %2 |
Resolve
Review invalid fields in the web.config file
This error was generated because there is an invalid field in the web.config file on the federation server proxy or because the user has manually modified the web.config file without using the Active Directory Federation Services snap-in to set the audit level. To fix the problem, use one of the following procedures.
To perform these procedures, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.
Open the web.config file on the federation server proxy, and make sure that a valid value is present in the FSURI field.
To check the FSURI value using the web.config file:
- In Notepad or another text editor, open the web.config file that is in %systemdrive%\windows\systemdata\adfs\sts\on the federation server proxy.
- Search for fsuri.
- Check that a value is present and that it is correct.
Reconfigure the web.config file on the federation server proxy by using the Active Directory Federation Services snap-in.
To check the Federation Service Uniform Resource Identifier (URI) value using the Active Directory Federation Services snap-in:
- Click Start, point to Administrative Tools, and then click Active Directory Federation Services.
- Right-click Federation Service Proxy, and then click Properties.
- On the General tab, check that Federation Service URL is present and that it has the correct value.
Verify
Verify that you can access the Active Directory Federation Services (AD FS)-enabled application from a client browser and that the resource can be accessed.