å˜—è©¦å•Ÿç”¨æ¤ Federation Service 的一個或多個端點時,AD FS Windows æœå‹™åœ¨é‡æ–°å•Ÿå‹•æœŸé–“發生錯誤。
如果 AD FS Windows æœå‹™æœªç™¼ç”Ÿä¾‹å¤–ç‹€æ³äº‹ä»¶è€ŒæˆåŠŸå•Ÿå‹•ï¼Œç›£è¦–å™¨æœƒè®Šç‚ºç¶ è‰²ç‹€æ…‹ï¼Œä¸”åŽŸå§‹çš„é‡å¤§è¦ç¤ºå°‡è‡ªå‹•è§£æ±ºã€‚
Federation Service 在æœå‹™å•Ÿå‹•æ™‚若有å•é¡Œï¼Œå³æœƒç™¼ç”Ÿæ¤éŒ¯èª¤ã€‚如需有關æ¤å¤±æ•—åŽŸå› çš„æ›´å¤šè©³ç´°è³‡æ–™ï¼Œè«‹æª¢è¦–äº‹ä»¶ä¸æ‰€æ供的其他資訊。æ¤äº‹ä»¶çš„部分å¯èƒ½åŽŸå› 包括以下:
無法從憑è‰å˜æ”¾å€è¼‰å…¥æ†‘è‰ã€‚
執行 SQL Server 或 Windows 內部資料庫 (WID) 的電腦 (用於 AD FS 組態) 無法使用
ç«¯é»žå› ç¼ºå°‘æ¬Šé™è€Œç„¡æ³•å•Ÿå‹•
使用事件ä¸æ‰€æ供的其他資訊判斷æ¤å•é¡Œçš„æ£ç¢ºè§£æ±ºæ–¹å¼ã€‚æ ¹æ“šäº‹ä»¶ä¸çš„特定資料,部分å¯èƒ½è§£æ±ºæ–¹å¼å¦‚下:
如果該å•é¡Œç‚ºæ†‘è‰çµ„æ…‹å•é¡Œï¼Œè«‹ä½¿ç”¨ Set-ADFSCertificate Cmdlet 修改或更新憑è‰çµ„態。
如果是 SQL Server å•é¡Œï¼Œè«‹éµå¾ª AD FS 疑難排解指å—ä¸çš„<疑難排解事件è˜åˆ¥ç¢¼ 220>一節內的疑難排解æ¥é©Ÿé€²è¡Œã€‚
如果該å•é¡Œæ˜¯å› 為缺少端點權é™æ‰€å¼•èµ·ï¼Œè«‹ä½¿ç”¨ netsh å·¥å…·åŠ ä»¥ç¢ºèªï¼Œä¸¦ä¿®æ£æ¬Šé™ã€‚
Target | Microsoft.ActiveDirectoryFederationServices.2016.FederationServer | ||
Parent Monitor | System.Health.AvailabilityState | ||
Category | AvailabilityHealth | ||
Enabled | True | ||
Alert Generate | True | ||
Alert Severity | Error | ||
Alert Priority | Normal | ||
Alert Auto Resolve | True | ||
Monitor Type | Microsoft.Windows.2SingleEventLog2StateMonitorType | ||
Remotable | True | ||
Accessibility | Public | ||
Alert Message |
| ||
RunAs | Default |
<UnitMonitor ID="Microsoft.ActiveDirectoryFederationServices.2016.FederationServerStartupExceptionMonitor" Accessibility="Public" Enabled="true" Target="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer" ParentMonitorID="Health!System.Health.AvailabilityState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.2SingleEventLog2StateMonitorType" ConfirmDelivery="true">
<Category>AvailabilityHealth</Category>
<AlertSettings AlertMessage="Microsoft.ActiveDirectoryFederationServices.2016.FederationServerStartupExceptionMonitor_AlertMessageResourceID">
<AlertOnState>Error</AlertOnState>
<AutoResolve>true</AutoResolve>
<AlertPriority>Normal</AlertPriority>
<AlertSeverity>Error</AlertSeverity>
</AlertSettings>
<OperationalStates>
<OperationalState ID="FirstEventRaised" MonitorTypeStateID="FirstEventRaised" HealthState="Error"/>
<OperationalState ID="SecondEventRaised" MonitorTypeStateID="SecondEventRaised" HealthState="Success"/>
</OperationalStates>
<Configuration>
<FirstComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</FirstComputerName>
<FirstLogName>$Target/Property[Type="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer"]/ADFSEventLog$</FirstLogName>
<FirstExpression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">102</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<RegExExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>MatchesMOM2005RegularExpression</Operator>
<Pattern>(^AD FS$)</Pattern>
</RegExExpression>
</Expression>
</And>
</FirstExpression>
<SecondComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</SecondComputerName>
<SecondLogName>$Target/Property[Type="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer"]/ADFSEventLog$</SecondLogName>
<SecondExpression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">100</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<RegExExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>MatchesMOM2005RegularExpression</Operator>
<Pattern>(^AD FS$)</Pattern>
</RegExExpression>
</Expression>
</And>
</SecondExpression>
</Configuration>
</UnitMonitor>