Home
  •  

Configuration Missing SAML Assertion Consumer Services Error

Microsoft.ActiveDirectoryFederationServices.2016.TokenIssuanceConfigurationMissingAssertionConsumerServicesErrorRule (Rule)

Knowledge Base article:

Summary

The relying party is not configured with SAML Assertion Consumer Services.

Causes

The relying party is not configured with the SAML Assertion Consumer Services.

Resolutions

Use the AD FS snap-in to configure one or more Assertion Consumer Services for this relying party. To configure SAML Assertion Consumer Services, add or update the required SAML assertion consumer endpoints on the Endpoints tab in the properties for this relying party trust.

If you imported metadata, check your metadata provider configuration. If you configured your relying party trust manually, check the relying party trust configuration locally on the federation server computer. If you imported metadata to configure your relying party trust, verify that the configuration of your metadata partner server is accurate and up to date.

Element properties:

TargetMicrosoft.ActiveDirectoryFederationServices.2016.TokenIssuance
CategoryConfigurationHealth
EnabledTrue
Event_ID258
Alert GenerateTrue
Alert SeverityWarning
Alert PriorityNormal
RemotableTrue
Alert Message
Configuration Missing SAML Assertion Consumer Services Error
The relying party '{0}' is not configured with SAML Assertion Consumer Services.
Event Log$Target/Host/Host/Property[Type="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer"]/ADFSEventLog$

Member Modules:

ID Module Type TypeId RunAs 
DS DataSource Microsoft.Windows.EventProvider Default
Alert WriteAction System.Health.GenerateAlert Default

Source Code:

<Rule ID="Microsoft.ActiveDirectoryFederationServices.2016.TokenIssuanceConfigurationMissingAssertionConsumerServicesErrorRule" Enabled="true" Target="Microsoft.ActiveDirectoryFederationServices.2016.TokenIssuance" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">

  <Category>ConfigurationHealth</Category>

  <DataSources>

    <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">

      <ComputerName>$Target/Host/Host/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>

      <LogName>$Target/Host/Host/Property[Type="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer"]/ADFSEventLog$</LogName>

      <Expression>

        <And>

          <Expression>

            <SimpleExpression>

              <ValueExpression>

                <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>

              </ValueExpression>

              <Operator>Equal</Operator>

              <ValueExpression>

                <Value Type="UnsignedInteger">258</Value>

              </ValueExpression>

            </SimpleExpression>

          </Expression>

          <Expression>

            <RegExExpression>

              <ValueExpression>

                <XPathQuery Type="String">PublisherName</XPathQuery>

              </ValueExpression>

              <Operator>MatchesMOM2005RegularExpression</Operator>

              <Pattern>(^AD FS$)</Pattern>

            </RegExExpression>

          </Expression>

        </And>

      </Expression>

    </DataSource>

  </DataSources>

  <WriteActions>

    <WriteAction ID="Alert" TypeID="Health!System.Health.GenerateAlert">

      <Priority>1</Priority>

      <Severity>1</Severity>

      <AlertOwner/>

      <AlertMessageId>$MPElement[Name="Microsoft.ActiveDirectoryFederationServices.2016.TokenIssuanceConfigurationMissingAssertionConsumerServicesErrorRule.AlertMessage"]$</AlertMessageId>

      <AlertParameters>

        <AlertParameter1>$Data/Params/Param[1]$</AlertParameter1>

      </AlertParameters>

      <Suppression>

        <SuppressionValue>$Data/Params/Param[1]$</SuppressionValue>

      </Suppression>

      <Custom1/>

      <Custom2/>

      <Custom3/>

      <Custom4/>

      <Custom5/>

      <Custom6/>

      <Custom7/>

      <Custom8/>

      <Custom9/>

      <Custom10/>

    </WriteAction>

  </WriteActions>

</Rule>