PoÅ¾adavek protokolu OAuth se nezdaÅ™il

Microsoft.ActiveDirectoryFederationServices.2016.AuthenticationOAuthRequestFailedErrorMonitor (UnitMonitor)

Tento monitor zachytÃ¡vÃ¡ chyby nezdaÅ™enÃ½ch pokusÅ¯ o ovÄ›Å™enÃ protokolu OAuth a Å¾Ã¡dostÃ o tokeny

Knowledge Base article:

Souhrn

Tento monitor kontroluje opakovanÃ© chyby v poÅ¾adavcÃch OAuth.

Pokud bÄ›hem 15 minut nedojde k dalÅ¡Ãm chybÃ¡m poÅ¾adavkÅ¯ OAuth, stav tohoto monitoru se vrÃ¡tÃ zpÃ¡tky na zelenÃ½ a souvisejÃcÃ vÃ½straha bude automaticky zavÅ™ena.

PÅ™ÃÄiny

MoÅ¾nÃ© chyby poÅ¾adavkÅ¯ OAuth:

1. PoÅ¾adavky o ovÄ›Å™enÃ obsahujÃ nesprÃ¡vnÃ©ho klienta, adresu URL pÅ™esmÄ›rovÃ¡nÃ nebo parametry prostÅ™edkÅ¯.

2. Å½Ã¡dosti o tokeny obsahujÃ nesprÃ¡vnÃ½ nebo zastaralÃ½ autorizaÄnÃ kÃ³d nebo parametry obnovenÃ tokenu.

3. BÄ›hem pokusu o zpracovÃ¡nÃ Å¾Ã¡dosti doÅ¡lo k neoÅ¡etÅ™enÃ© vÃ½jimce.

Å˜eÅ¡enÃ

V pÅ™ÃpadÄ› prvnÃho uvedenÃ©ho dÅ¯vodu se obraÅ¥te na vlastnÃka klientskÃ© aplikace a ovÄ›Å™te konfiguraci objektÅ¯ dÅ¯vÄ›ryhodnÃ½ch certifikÃ¡tÅ¯ vlastnÃka a pÅ™edÃ¡vajÃcÃ strany pomocÃ rutin prostÅ™edÃ Windows PowerShell sluÅ¾by AD FS.

V pÅ™ÃpadÄ› druhÃ©ho uvedenÃ©ho dÅ¯vodu se pÅ™i dalÅ¡Ãm Å™eÅ¡enÃ problÃ©mÅ¯ obraÅ¥te na vlastnÃka klientskÃ© aplikace. Pokud Å¾Ã¡dosti obsahujÃ zastaralÃ½ autorizaÄnÃ kÃ³d nebo tokeny obnovenÃ, je moÅ¾nÃ©, Å¾e klientskÃ¡ aplikace mÃ¡ vadu kÃ³du.

V pÅ™ÃpadÄ› tÅ™etÃho uvedenÃ©ho dÅ¯vodu prostudujte dalÅ¡Ã informace ve zprÃ¡vÄ› o vÃ½jimce v protokolu udÃ¡lostÃ.

Element properties:

Target

Microsoft.ActiveDirectoryFederationServices.2016.Authentication

Parent Monitor

System.Health.ConfigurationState

Category

ConfigurationHealth

Enabled

True

Alert Generate

True

Alert Severity

MatchMonitorHealth

Alert Priority

Normal

Alert Auto Resolve

True

Monitor Type

Microsoft.Windows.RepeatedEventLogTimer2StateMonitorType

Remotable

True

Accessibility

Public

Alert Message

PoÅ¾adavek protokolu OAuth se nezdaÅ™il

RunAs

Default

Source Code:

<UnitMonitor ID="Microsoft.ActiveDirectoryFederationServices.2016.AuthenticationOAuthRequestFailedErrorMonitor" Accessibility="Public" Enabled="true" Target="Microsoft.ActiveDirectoryFederationServices.2016.Authentication" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.RepeatedEventLogTimer2StateMonitorType" ConfirmDelivery="true">

  <Category>ConfigurationHealth</Category>

  <AlertSettings AlertMessage="Microsoft.ActiveDirectoryFederationServices.2016.AuthenticationOAuthRequestFailedErrorMonitor_AlertMessageResourceID">

    <AlertOnState>Warning</AlertOnState>

    <AutoResolve>true</AutoResolve>

    <AlertPriority>Normal</AlertPriority>

    <AlertSeverity>MatchMonitorHealth</AlertSeverity>

  </AlertSettings>

  <OperationalStates>

    <OperationalState ID="RepeatedEventRaised" MonitorTypeStateID="RepeatedEventRaised" HealthState="Warning"/>

    <OperationalState ID="TimerEventRaised" MonitorTypeStateID="TimerEventRaised" HealthState="Success"/>

  </OperationalStates>

  <Configuration>

    <RepeatedComputerName>$Target/Host/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</RepeatedComputerName>

    <RepeatedLogName>AD FS/Admin</RepeatedLogName>

    <RepeatedExpression>

      <And>

        <Expression>

          <Or>

            <Expression>

              <SimpleExpression>

                <ValueExpression>

                  <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>

                </ValueExpression>

                <Operator>Equal</Operator>

                <ValueExpression>

                  <Value Type="UnsignedInteger">1020</Value>

                </ValueExpression>

              </SimpleExpression>

            </Expression>

            <Expression>

              <SimpleExpression>

                <ValueExpression>

                  <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>

                </ValueExpression>

                <Operator>Equal</Operator>

                <ValueExpression>

                  <Value Type="UnsignedInteger">1021</Value>

                </ValueExpression>

              </SimpleExpression>

            </Expression>

          </Or>

        </Expression>

        <Expression>

          <RegExExpression>

            <ValueExpression>

              <XPathQuery Type="String">PublisherName</XPathQuery>

            </ValueExpression>

            <Operator>MatchesRegularExpression</Operator>

            <Pattern>(^AD FS$)</Pattern>

          </RegExExpression>

        </Expression>

      </And>

    </RepeatedExpression>

    <Consolidator>

      <ConsolidationProperties/>

      <TimeControl>

        <WithinTimeSchedule>

          <Interval>60</Interval>

        </WithinTimeSchedule>

      </TimeControl>

      <CountingCondition>

        <Count>10</Count>

        <CountMode>OnNewItemTestOutputRestart_OnTimerSlideByOne</CountMode>

      </CountingCondition>

    </Consolidator>

    <TimerWaitInSeconds>900</TimerWaitInSeconds>

  </Configuration>

</UnitMonitor>

PoÅ¾adavek protokolu OAuth se nezdaÅ™il

Microsoft.ActiveDirectoryFederationServices.2016.AuthenticationOAuthRequestFailedErrorMonitor (UnitMonitor)

Knowledge Base article:

Souhrn

PÅ™Ã­Äiny

Å˜eÅ¡enÃ­

Element properties:

Source Code:

PÅ™ÃÄiny

Å˜eÅ¡enÃ