Event ID 729 — Trust Policy and Configuration
Applies To: Windows Server 2008 R2
The Active Directory Federation Services (AD FS) trust policy file defines the set of parameters that a Federation Service requires to identify partners, certificates, account stores, claims, and the various properties of these entities that are associated with the Federation Service.
Event Details
Product: | Windows Operating System |
ID: | 729 |
Source: | Microsoft-Windows-ADFS |
Version: | 6.1 |
Symbolic Name: | AccountPartnerCertsHaveExpired |
Message: | The last valid verification certificate for account partner %1, or a certificate in its trust chain, has expired. Account partner name: %1 Input from this account partner cannot be verifed. User Action Contact the account partner administrator as soon as possible and obtain a valid certificate. Additional Data Subject: %2 Issuer: %3 Thumbprint: %4 |
Resolve
Obtain a valid certificate for the account partner
Contact the account partner administrator as soon as possible, and obtain a valid token-signing certificate.
To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.
To add a token-signing certificate to the verification list of an account partner:
- Click Start, point to Administrative Tools, and then click Active Directory Federation Services.
- Double-click Federation Service, double-click Trust Policy, double-click Partner Organizations, double-click Account Partners, right-click the account partner, and then click Properties.
- Click the Verification Certificates tab, and then click Add.
- In the Browse for Verification Certificate file dialog box, locate the certificate file that you want to add.
- Select the certificate file, and then click Open.
- In the Trust Policy Properties dialog box, click OK.
Verify
Verify that you can access the Active Directory Federation Services (AD FS)-enabled application from a client browser and that the resource can be accessed.