Verificatiefout bij de handtekening van de artefact-omzettingsservice

Microsoft.ActiveDirectoryFederationServices.2016.TokenIssuanceArtifactResolutionServiceSignatureVerificationErrorRule (Rule)

Knowledge Base article:

Samenvatting

De artefact-omzettingsservice kan de aanvraaghandtekening niet controleren.

Oorzaken

De configuratie van de claimprovider of het handtekeningcertificaat is niet geconfigureerd om aanvragen te ondertekenen of is verouderd.

Oplossingen

Configureer het certificaat van de relying party op het ondertekenen van de aanvraag.

Controleer of het certificaat van de relying party is bijgewerkt.

Element properties:

Target

Microsoft.ActiveDirectoryFederationServices.2016.TokenIssuance

Category

ConfigurationHealth

Enabled

True

Event_ID

354

Alert Generate

True

Alert Severity

Warning

Alert Priority

Normal

Remotable

True

Alert Message

Verificatiefout bij de handtekening van de artefact-omzettingsservice

De artefact-omzettingsservice kan de aanvraaghandtekening niet controleren.

Event Log

$Target/Host/Host/Property[Type="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer"]/ADFSEventLog$

Member Modules:

ID	Module Type	TypeId	RunAs
DS	DataSource	Microsoft.Windows.EventProvider	Default
Alert	WriteAction	System.Health.GenerateAlert	Default

Source Code:

<Rule ID="Microsoft.ActiveDirectoryFederationServices.2016.TokenIssuanceArtifactResolutionServiceSignatureVerificationErrorRule" Enabled="true" Target="Microsoft.ActiveDirectoryFederationServices.2016.TokenIssuance" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">

  <Category>ConfigurationHealth</Category>

  <DataSources>

    <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">

      <ComputerName>$Target/Host/Host/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>

      <LogName>$Target/Host/Host/Property[Type="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer"]/ADFSEventLog$</LogName>

      <Expression>

        <And>

          <Expression>

            <SimpleExpression>

              <ValueExpression>

                <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>

              </ValueExpression>

              <Operator>Equal</Operator>

              <ValueExpression>

                <Value Type="UnsignedInteger">354</Value>

              </ValueExpression>

            </SimpleExpression>

          </Expression>

          <Expression>

            <RegExExpression>

              <ValueExpression>

                <XPathQuery Type="String">PublisherName</XPathQuery>

              </ValueExpression>

              <Operator>MatchesMOM2005RegularExpression</Operator>

              <Pattern>(^AD FS$)</Pattern>

            </RegExExpression>

          </Expression>

        </And>

      </Expression>

    </DataSource>

  </DataSources>

  <WriteActions>

    <WriteAction ID="Alert" TypeID="Health!System.Health.GenerateAlert">

      <Priority>1</Priority>

      <Severity>1</Severity>

      <AlertName/>

      <AlertDescription/>

      <AlertOwner/>

      <AlertMessageId>$MPElement[Name="Microsoft.ActiveDirectoryFederationServices.2016.TokenIssuanceArtifactResolutionServiceSignatureVerificationErrorRule.AlertMessage"]$</AlertMessageId>

      <AlertParameters/>

      <Suppression>

        <SuppressionValue>$Data/EventDisplayNumber$</SuppressionValue>

      </Suppression>

      <Custom1/>

      <Custom2/>

      <Custom3/>

      <Custom4/>

      <Custom5/>

      <Custom6/>

      <Custom7/>

      <Custom8/>

      <Custom9/>

      <Custom10/>

    </WriteAction>

  </WriteActions>

</Rule>