AD FS 2.0: Windows service does not start, does not start automatically, or starts slowly

Overview

• The AD FS 2.0 service takes a long time to start and restart
• The AD FS 2.0 service may fail to start upon login
• The AD FS 2.0 service may fail to start altogether
• The AD FS 2.0 server does not have outbound Internet access

 

Disable Authenticode Signing Verification

If the service is simply slow to start and the server does not have Internet access, disable authenticode signing verification.

In this file:
C:\program files\Active Directory Federation Services 2.0\Microsoft.IdentityServer.Servicehost.exe.config

Add this tag within the runtime tag:
<generatePublisherEvidence enabled=”false”/>

It should look similar to this:
<runtime>
     <gcServer enabled="true"/>
     <generatePublisherEvidence enabled=”false”/>
</runtime>

Service will not start or Service does not automatically start

If the service will not start or Service does not automatically start follow these steps.

• Ensure the service Startup Type is set to Automatic and is not set to Automatic (Delayed Start).  Change if necessary.
• Set ServicesPipeTimeout to 60 seconds or more.  Follow this link for detailed instructions.

 

Links

AD FS 2.0: The Service Fails to Start: "The service did not respond to the start or control request in a timely fashion."
http://social.technet.microsoft.com/wiki/contents/articles/ad-fs-2-0-the-service-fails-to-start-quot-the-service-did-not-respond-to-the-start-or-control-request-in-a-timely-fashion-quot.aspx

Improving application Start up time: GeneratePublisherEvidence setting in Machine.config
http://blogs.msdn.com/b/amolravande/archive/2008/07/20/startup-performance-disable-the-generatepublisherevidence-property.aspx