The AD FS federation passive Web site application is missing in IIS on the federation server proxy.
The AD FS federation passive Web site application was deleted.
Add an IIS application for the AD FS federation passive Web site:
1. Create a new folder named adfs under %system root%\inetpub\.
2. Create a new folder named ls under %system root%\inetpub\adfs\.
3. Copy all the files under %windir%\ADFS\WSFederationPassive.Web\ to %system root%\inetpub\adfs\ls\.
4. Create a new application pool named ADFSAppPool under Application Pools in the IIS Manager snap-in. Make sure that this application pool is started after you create it.
5. Under Default Web Site on IIS, add a new Application with the alias named adfs with physical path pointing to %system root%\inetpub\adfs and the application pool selected as ADFSAppPool.
6. Under adfs application , add a new Application with the alias named ls with physical path pointing to %system root%\inetpub\adfs\ls and application pool selected as ADFSAppPool.
Target | Microsoft.ActiveDirectoryFederationServices20.FederationServerProxyWebsites | ||
Parent Monitor | System.Health.AvailabilityState | ||
Category | AvailabilityHealth | ||
Enabled | True | ||
Alert Generate | True | ||
Alert Severity | Error | ||
Alert Priority | Normal | ||
Alert Auto Resolve | True | ||
Monitor Type | Microsoft.ActiveDirectoryFederationServices20.TwoStateScriptMonitorType | ||
Remotable | True | ||
Accessibility | Public | ||
Alert Message |
| ||
RunAs | Default |
<UnitMonitor ID="Microsoft.ActiveDirectoryFederationServices20.FederationServerProxyWebsitesIISVDirMonitor" Accessibility="Public" Enabled="true" Target="Microsoft.ActiveDirectoryFederationServices20.FederationServerProxyWebsites" ParentMonitorID="Health!System.Health.AvailabilityState" Remotable="true" Priority="Normal" TypeID="Microsoft.ActiveDirectoryFederationServices20.TwoStateScriptMonitorType" ConfirmDelivery="false">
<Category>AvailabilityHealth</Category>
<AlertSettings AlertMessage="Microsoft.ActiveDirectoryFederationServices20.FederationServerProxyWebsitesIISVDirMonitor_AlertMessageResourceID">
<AlertOnState>Error</AlertOnState>
<AutoResolve>true</AutoResolve>
<AlertPriority>Normal</AlertPriority>
<AlertSeverity>Error</AlertSeverity>
</AlertSettings>
<OperationalStates>
<OperationalState ID="Success" MonitorTypeStateID="Success" HealthState="Success"/>
<OperationalState ID="Error" MonitorTypeStateID="Error" HealthState="Error"/>
</OperationalStates>
<Configuration>
<PowerShellPath>%windir%\system32\windowspowershell\v1.0\powershell.exe</PowerShellPath>
<ScriptName>FederationServerProxyWebsitesIISVDirCheck.ps1</ScriptName>
<ScriptBody>
function GetNodeFromConfig($vDir, [string] $xpath, $nsmgr)
{
$config = ($vDir.path + "\web.config")
$cpNode = $null
if ([System.IO.File]::Exists($config))
{
[System.Xml.XmlDocument] $xd = new-object System.Xml.XmlDocument
$xd.load( $config )
$cpNode = $xd.SelectSingleNode($xpath,$nsmgr)
}
return $cpNode
}
function GetFedPassiveVDir()
{
$fpVDir = $null
$vDir = $vDirs | where {$_.name.EndsWith( "/adfs/ls" )}
if (-not(($vDir -eq $null)))
{
$fpVDir = $vDir
}
else
{
foreach ($vDir in $vDirs)
{
$temp = GetNodeFromConfig $vDir "configuration/microsoft.identityServer.web" $null
if (-not(($temp -eq $null)))
{
$fpVDir = $vDir
break;
}
}
}
return $fpVDir
}
$scomapi = new-object -comObject "MOM.ScriptAPI"
$scomapi.LogScriptEvent("ActiveDirectoryFederationServices", 900, 4, "IIS VDir check PowerShell monitoring script")
$script:vDirOK = $true
$script:vDirName = ""
#try
&{
$vDirs = Get-WmiObject -namespace root/MicrosoftIISV2 -class IISWebVirtualDirSetting
$vDir = GetFedPassiveVDir
if ( $vDir -eq $null)
{
$script:vDirOK = $false
$script:vDirName = "/adfs/ls"
}
}
trap [System.Exception]
{
$scomapi.LogScriptEvent("ActiveDirectoryFederationServices", 901, 2, "IIS VDir check PowerShell monitoring script failed. " + $_.Exception.Message )
continue
}
$scompb = $scomapi.CreatePropertyBag()
$scompb.AddValue("VDirOK", $script:vDirOK )
$scompb.AddValue("VDir", $script:vDirName )
$scomapi.AddItem($scompb)
$scomapi.ReturnItems()
</ScriptBody>
<IntervalSeconds>300</IntervalSeconds>
<TimeoutSeconds>180</TimeoutSeconds>
<ErrorExpression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">Property[@Name='VDirOK']</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="String">false</Value>
</ValueExpression>
</SimpleExpression>
</ErrorExpression>
<SuccessExpression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">Property[@Name='VDirOK']</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="String">true</Value>
</ValueExpression>
</SimpleExpression>
</SuccessExpression>
</Configuration>
</UnitMonitor>