Home
  •  

누락된 인증서 때문에 AD FS Windows 서비스를 시작하지 못함

Microsoft.ActiveDirectoryFederationServices.2016.FederationServerBadConfigurationCertificateNotFoundStartupMonitor (UnitMonitor)

Knowledge Base article:

요약

AD FS 구성 데이터베이스에서 확인되는 인증서를 찾을 수 없기 때문에 AD FS Windows 서비스를 시작하지 못했습니다.

AD FS Windows 서비스가 성공적으로 시작되면 모니터가 녹색 상태로 변하고 중요 경고가 자동으로 해결됩니다.

원인

이러한 상태는 지정한 findValue가 지정한 저장소의 인증서와 일치하지 않을 때 발생합니다. 이러한 상황이 발생한 일반적인 원인은 다음과 같습니다.

해결 방법

이 상황을 해결할 수 있는 방법은 다음과 같습니다.

Element properties:

TargetMicrosoft.ActiveDirectoryFederationServices.2016.FederationServer
Parent MonitorSystem.Health.ConfigurationState
CategoryConfigurationHealth
EnabledTrue
Alert GenerateTrue
Alert SeverityError
Alert PriorityNormal
Alert Auto ResolveTrue
Monitor TypeMicrosoft.Windows.2SingleEventLog2StateMonitorType
RemotableTrue
AccessibilityPublic
Alert Message
누락된 인증서 때문에 AD FS Windows 서비스를 시작하지 못함
페더레이션 서비스 구성의 findValue '{0}'(으)로 식별되는 인증서를 찾을 수 없습니다. AD FS Windows 서비스를 시작하지 못했습니다. 이벤트 세부 정보를 보려면 경고 컨텍스트 탭을 검토하십시오.
RunAsDefault

Source Code:

<UnitMonitor ID="Microsoft.ActiveDirectoryFederationServices.2016.FederationServerBadConfigurationCertificateNotFoundStartupMonitor" Accessibility="Public" Enabled="true" Target="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.2SingleEventLog2StateMonitorType" ConfirmDelivery="true">

  <Category>ConfigurationHealth</Category>

  <AlertSettings AlertMessage="Microsoft.ActiveDirectoryFederationServices.2016.FederationServerBadConfigurationCertificateNotFoundStartupMonitor_AlertMessageResourceID">

    <AlertOnState>Error</AlertOnState>

    <AutoResolve>true</AutoResolve>

    <AlertPriority>Normal</AlertPriority>

    <AlertSeverity>Error</AlertSeverity>

    <AlertParameters>

      <AlertParameter1>$Data/Context/Params/Param[2]$</AlertParameter1>

    </AlertParameters>

  </AlertSettings>

  <OperationalStates>

    <OperationalState ID="FirstEventRaised" MonitorTypeStateID="FirstEventRaised" HealthState="Error"/>

    <OperationalState ID="SecondEventRaised" MonitorTypeStateID="SecondEventRaised" HealthState="Success"/>

  </OperationalStates>

  <Configuration>

    <FirstComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</FirstComputerName>

    <FirstLogName>$Target/Property[Type="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer"]/ADFSEventLog$</FirstLogName>

    <FirstExpression>

      <And>

        <Expression>

          <SimpleExpression>

            <ValueExpression>

              <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>

            </ValueExpression>

            <Operator>Equal</Operator>

            <ValueExpression>

              <Value Type="UnsignedInteger">134</Value>

            </ValueExpression>

          </SimpleExpression>

        </Expression>

        <Expression>

          <RegExExpression>

            <ValueExpression>

              <XPathQuery Type="String">PublisherName</XPathQuery>

            </ValueExpression>

            <Operator>MatchesMOM2005RegularExpression</Operator>

            <Pattern>(^AD FS$)</Pattern>

          </RegExExpression>

        </Expression>

      </And>

    </FirstExpression>

    <SecondComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</SecondComputerName>

    <SecondLogName>$Target/Property[Type="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer"]/ADFSEventLog$</SecondLogName>

    <SecondExpression>

      <And>

        <Expression>

          <SimpleExpression>

            <ValueExpression>

              <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>

            </ValueExpression>

            <Operator>Equal</Operator>

            <ValueExpression>

              <Value Type="UnsignedInteger">100</Value>

            </ValueExpression>

          </SimpleExpression>

        </Expression>

        <Expression>

          <RegExExpression>

            <ValueExpression>

              <XPathQuery Type="String">PublisherName</XPathQuery>

            </ValueExpression>

            <Operator>MatchesMOM2005RegularExpression</Operator>

            <Pattern>(^AD FS$)</Pattern>

          </RegExExpression>

        </Expression>

      </And>

    </SecondExpression>

  </Configuration>

</UnitMonitor>