

ADFS 2.0; The Service is Unavailable Error

Hi,

I just came to understand that when using the step-by-step guides for ADFS 2.0 together with the virtual machines available on the Microsoft Connect website, you might receive "Service Unavailable" errors while trying to navigate to the ADFS asmx services or the FederationMetadata.xml file.

On the virtual machines available at the Microsoft Connect location (below), the token-signing and token-decrypting certificates on the ContosoDC server expired on April 22 2011. Because of this, ADFS is not able to build the certificate chain for these operations, and as a result the metadata endpoints are not exposed. An end user trying to work with these labs simply doesn’t see the FederationMetadata.xml file.

Temporary Resolution:

While it will take time to get the VMs updated, you can work ahead by renewing the certificates manually. To do so, follow the steps below:

1. Log in as Administrator on ContosoDC

2. Open PowerShell in administrative mode and enter the command: "Add-PSSnapin Microsoft.Adfs.Powershell"

3. Enter the following commands one by one. After pressing Enter, wait until the command prompt returns before entering the next command.

Update-ADFSCertificate -CertificateType: Token-Signing -Urgent:$true

Update-ADFSCertificate -CertificateType: Token-Decrypting -Urgent:$true
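The script below is an added example, not part of the original post: it lists the expiry dates of the token-signing and token-decrypting certificates, renews only those whose primary certificate has expired, and lists them again to confirm the result. It assumes the lab's self-signed certificates with automatic certificate rollover enabled, and is run from an elevated PowerShell session on ContosoDC.

```powershell
# Added example: check and renew expired AD FS 2.0 token certificates.
Add-PSSnapin Microsoft.Adfs.Powershell -ErrorAction SilentlyContinue

# Update-ADFSCertificate is meant for deployments that use automatic
# certificate rollover (self-signed token certificates), so check that first.
if (-not (Get-ADFSProperties).AutoCertificateRollover) {
    throw 'AutoCertificateRollover is disabled; renew the certificates by hand instead.'
}

# Print one line per certificate of the given type.
function Show-AdfsCert([string]$Type) {
    foreach ($c in @(Get-ADFSCertificate -CertificateType $Type)) {
        '{0,-16} primary={1,-5} notAfter={2:u} thumbprint={3}' -f `
            $Type, $c.IsPrimary, $c.Certificate.NotAfter, $c.Thumbprint
    }
}

$now = Get-Date
foreach ($type in 'Token-Signing', 'Token-Decrypting') {
    Show-AdfsCert $type

    # Only the primary certificate is used for signing or decrypting.
    $primary = @(Get-ADFSCertificate -CertificateType $type) |
        Where-Object { $_.IsPrimary }

    if ($primary -and $primary.Certificate.NotAfter -lt $now) {
        Write-Host "$type primary certificate has expired; renewing."
        # -Urgent promotes the new certificate to primary immediately.
        Update-ADFSCertificate -CertificateType $type -Urgent:$true
        Show-AdfsCert $type
    }
    else {
        Write-Host "$type primary certificate is still valid; nothing to do."
    }
}
```

Because -Urgent replaces the primary certificate immediately, any partner that trusts this federation server needs to refresh its copy of the federation metadata afterwards.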

VM Location: https://connect.microsoft.com/site642/Downloads/DownloadDetails.aspx?DownloadID=29506

 Rahul Gangwar