NepodaÅ™ilo se vytvoÅ™it dokument metadat federace

Microsoft.ActiveDirectoryFederationServices.2016.TrustManagementUnableToCreateFederationMetadataDocumentMonitor (UnitMonitor)

Knowledge Base article:

Souhrn

Tento monitor indikuje, Å¾e sluÅ¾bÄ› Federation Service se nepodaÅ™ilo vytvoÅ™it dokument metadat federace.

Pokud ke stejnÃ©mu problÃ©mu nedojde bÄ›hem 15 minut znovu, stav tohoto monitoru se vrÃ¡tÃ zpÃ¡tky na zelenÃ½. VÃ½strahu vygenerovanou tÃmto monitorem je tÅ™eba vyÅ™eÅ¡it ruÄnÄ›.

PÅ™ÃÄiny

NÃÅ¾e jsou vedeny moÅ¾nÃ© pÅ™ÃÄiny tÃ©to udÃ¡losti:

Popis deklaracÃ obsahuje nejednotnou hodnotu identifikÃ¡toru URI.
V dokumentu metadat federace jsou chyby ovÄ›Å™enÃ dokumentu.

DalÅ¡Ã informace o pÅ™ÃÄinÄ› tÃ©to udÃ¡losti jsou uvedeny v dalÅ¡Ãch podrobnostech, kterÃ© jsou specifikovÃ¡ny v udÃ¡losti.

Å˜eÅ¡enÃ

PomocÃ pÅ™ÃkazÅ¯ netsh pro protokol HTTP ke kontrole oprÃ¡vnÄ›nÃ URL ACL pro adresu URL vaÅ¡eho koncovÃ©ho bodu metadat federace nebo jinÃ© adresy URL, kterÃ© mohou pÅ™epsat oprÃ¡vnÄ›nÃ potÅ™ebnÃ¡ pro koncovÃ© body, kterÃ© federaÄnÃ server pouÅ¾ÃvÃ¡. For more information, see the examples for netsh http show urlacl syntax in PÅ™Ãkazy Netsh pro protokol HTTP

NÃ¡sledujÃcÃ pÅ™Ãkaz ukazuje obvyklÃ½ vÃ½stup pÅ™Ãkazu netsh http show urlacl, kdyÅ¾ kontrolujete oprÃ¡vnÄ›nÃ koncovÃ©ho bodu metadat federace, u kterÃ½ch byl nakonfigurovanÃ½ uÅ¾ivatelsky definovanÃ½ ÃºÄet uÅ¾ivatele ("adfssrv"), pouÅ¾itÃ½ pro identitu sluÅ¾by AD FS.

C:\>netsh http show urlacl url=https://+:443/FederationMetadata/2007-06/

Rezervace adres URL : https://+:443/FederationMetadata/2007-06/

UÅ¾ivatel: NT SERVICE\adfssrv

NaslouchÃ¡nÃ: Ano

DelegovÃ¡nÃ: Ano

SDDL: D:(A;;GA;;;S-1-5-80-2246541699-21809830-3603976364-117610243-975697593)

Element properties:

Target

Microsoft.ActiveDirectoryFederationServices.2016.TrustManagement

Parent Monitor

System.Health.ConfigurationState

Category

ConfigurationHealth

Enabled

True

Alert Generate

True

Alert Severity

Warning

Alert Priority

Normal

Alert Auto Resolve

True

Monitor Type

Microsoft.Windows.SingleEventLogTimer2StateMonitorType

Remotable

True

Accessibility

Public

Alert Message

NepodaÅ™ilo se vytvoÅ™it dokument metadat federace

SluÅ¾bÄ› Federation Service se nepodaÅ™ilo vytvoÅ™it dokument metadat federace. Podrobnosti o udÃ¡losti jsou uvedeny na kartÄ› Kontext vÃ½strahy.

RunAs

Default

Source Code:

<UnitMonitor ID="Microsoft.ActiveDirectoryFederationServices.2016.TrustManagementUnableToCreateFederationMetadataDocumentMonitor" Accessibility="Public" Enabled="true" Target="Microsoft.ActiveDirectoryFederationServices.2016.TrustManagement" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.SingleEventLogTimer2StateMonitorType" ConfirmDelivery="true">

  <Category>ConfigurationHealth</Category>

  <AlertSettings AlertMessage="Microsoft.ActiveDirectoryFederationServices.2016.TrustManagementUnableToCreateFederationMetadataDocumentMonitor_AlertMessageResourceID">

    <AlertOnState>Warning</AlertOnState>

    <AutoResolve>true</AutoResolve>

    <AlertPriority>Normal</AlertPriority>

    <AlertSeverity>Warning</AlertSeverity>

  </AlertSettings>

  <OperationalStates>

    <OperationalState ID="EventRaised" MonitorTypeStateID="EventRaised" HealthState="Warning"/>

    <OperationalState ID="TimerEventRaised" MonitorTypeStateID="TimerEventRaised" HealthState="Success"/>

  </OperationalStates>

  <Configuration>

    <ComputerName>$Target/Host/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>

    <LogName>$Target/Host/Property[Type="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer"]/ADFSEventLog$</LogName>

    <Expression>

      <And>

        <Expression>

          <SimpleExpression>

            <ValueExpression>

              <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>

            </ValueExpression>

            <Operator>Equal</Operator>

            <ValueExpression>

              <Value Type="UnsignedInteger">143</Value>

            </ValueExpression>

          </SimpleExpression>

        </Expression>

        <Expression>

          <RegExExpression>

            <ValueExpression>

              <XPathQuery Type="String">PublisherName</XPathQuery>

            </ValueExpression>

            <Operator>MatchesMOM2005RegularExpression</Operator>

            <Pattern>(^AD FS$)</Pattern>

          </RegExExpression>

        </Expression>

      </And>

    </Expression>

    <TimerWaitInSeconds>900</TimerWaitInSeconds>

  </Configuration>

</UnitMonitor>

NepodaÅ™ilo se vytvoÅ™it dokument metadat federace

Microsoft.ActiveDirectoryFederationServices.2016.TrustManagementUnableToCreateFederationMetadataDocumentMonitor (UnitMonitor)

Knowledge Base article:

Souhrn

PÅ™Ã­Äiny

Å˜eÅ¡enÃ­

Element properties:

Source Code:

PÅ™ÃÄiny

Å˜eÅ¡enÃ