Home
  •  

Erreur de vérification de la signature du service de résolution d'artefacts

Microsoft.ActiveDirectoryFederationServices2012R2.TokenIssuanceArtifactResolutionServiceSignatureVerificationErrorRule (Rule)

Knowledge Base article:

Résumé

Le service de résolution d'artefacts n'a pas pu vérifier la signature de la demande.

Causes

La configuration du fournisseur de revendications ou son certificat de signature ne sont pas configurés pour signer des requêtes ou sont obsolètes.

Résolutions

Configurez le certificat de la partie de confiance pour la signature de requêtes.

Vérifiez que le certificat de la partie de confiance est à jour.

Element properties:

TargetMicrosoft.ActiveDirectoryFederationServices2012R2.TokenIssuance
CategoryConfigurationHealth
EnabledTrue
Event_ID354
Alert GenerateTrue
Alert SeverityWarning
Alert PriorityNormal
RemotableTrue
Alert Message
Erreur de vérification de la signature du service de résolution d'artefacts
Le service de résolution d'artefacts n'a pas pu vérifier la signature de la demande.
Event Log$Target/Host/Host/Property[Type="Microsoft.ActiveDirectoryFederationServices2012R2.FederationServer"]/ADFSEventLog$

Member Modules:

ID Module Type TypeId RunAs 
DS DataSource Microsoft.Windows.EventProvider Default
Alert WriteAction System.Health.GenerateAlert Default

Source Code:

<Rule ID="Microsoft.ActiveDirectoryFederationServices2012R2.TokenIssuanceArtifactResolutionServiceSignatureVerificationErrorRule" Enabled="true" Target="Microsoft.ActiveDirectoryFederationServices2012R2.TokenIssuance" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">

  <Category>ConfigurationHealth</Category>

  <DataSources>

    <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">

      <ComputerName>$Target/Host/Host/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>

      <LogName>$Target/Host/Host/Property[Type="Microsoft.ActiveDirectoryFederationServices2012R2.FederationServer"]/ADFSEventLog$</LogName>

      <Expression>

        <And>

          <Expression>

            <SimpleExpression>

              <ValueExpression>

                <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>

              </ValueExpression>

              <Operator>Equal</Operator>

              <ValueExpression>

                <Value Type="UnsignedInteger">354</Value>

              </ValueExpression>

            </SimpleExpression>

          </Expression>

          <Expression>

            <RegExExpression>

              <ValueExpression>

                <XPathQuery Type="String">PublisherName</XPathQuery>

              </ValueExpression>

              <Operator>MatchesMOM2005RegularExpression</Operator>

              <Pattern>(^AD FS$)</Pattern>

            </RegExExpression>

          </Expression>

        </And>

      </Expression>

    </DataSource>

  </DataSources>

  <WriteActions>

    <WriteAction ID="Alert" TypeID="Health!System.Health.GenerateAlert">

      <Priority>1</Priority>

      <Severity>1</Severity>

      <AlertName/>

      <AlertDescription/>

      <AlertOwner/>

      <AlertMessageId>$MPElement[Name="Microsoft.ActiveDirectoryFederationServices2012R2.TokenIssuanceArtifactResolutionServiceSignatureVerificationErrorRule.AlertMessage"]$</AlertMessageId>

      <AlertParameters/>

      <Suppression>

        <SuppressionValue>$Data/EventDisplayNumber$</SuppressionValue>

      </Suppression>

      <Custom1/>

      <Custom2/>

      <Custom3/>

      <Custom4/>

      <Custom5/>

      <Custom6/>

      <Custom7/>

      <Custom8/>

      <Custom9/>

      <Custom10/>

    </WriteAction>

  </WriteActions>

</Rule>