Bu izleyici, AD FS Windows hizmetiyle ilişkili hizmet hesabının AD FS yapılandırma veritabanında yapılandırılan belirteç imzalama sertifikaları veya belirteç şifre çözme sertifikalarının özel anahtarı için izninin olmadığını gösterir.
AD FS hizmeti hesabının, yapılandırılan sertifikalar için özel anahtarları okuma izni yok.
AD FS hizmeti hesabının sertifika özel anahtarlarında okuma izinlerinin olduğundan emin olun. Ek bilgi için AD FS sorun giderme kılavuzundaki "Sertifikalar için özel anahtarlara AD FS hizmeti kullanıcı hesabı tarafından erişilebildiğini onaylama" bölümüne bakın.
Target | Microsoft.ActiveDirectoryFederationServices2012R2.TokenIssuance | ||
Parent Monitor | System.Health.ConfigurationState | ||
Category | ConfigurationHealth | ||
Enabled | True | ||
Alert Generate | True | ||
Alert Severity | Error | ||
Alert Priority | Normal | ||
Alert Auto Resolve | True | ||
Monitor Type | Microsoft.Windows.2SingleEventLog2StateMonitorType | ||
Remotable | True | ||
Accessibility | Public | ||
Alert Message |
| ||
RunAs | Default |
<UnitMonitor ID="Microsoft.ActiveDirectoryFederationServices2012R2.TokenIssuanceCertPrivateKeyInaccessibleErrorMonitor" Accessibility="Public" Enabled="true" Target="Microsoft.ActiveDirectoryFederationServices2012R2.TokenIssuance" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.2SingleEventLog2StateMonitorType" ConfirmDelivery="true">
<Category>ConfigurationHealth</Category>
<AlertSettings AlertMessage="Microsoft.ActiveDirectoryFederationServices2012R2.TokenIssuanceCertPrivateKeyInaccessibleErrorMonitor_AlertMessageResourceID">
<AlertOnState>Error</AlertOnState>
<AutoResolve>true</AutoResolve>
<AlertPriority>Normal</AlertPriority>
<AlertSeverity>Error</AlertSeverity>
</AlertSettings>
<OperationalStates>
<OperationalState ID="FirstEventRaised" MonitorTypeStateID="FirstEventRaised" HealthState="Error"/>
<OperationalState ID="SecondEventRaised" MonitorTypeStateID="SecondEventRaised" HealthState="Success"/>
</OperationalStates>
<Configuration>
<FirstComputerName>$Target/Host/Host/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</FirstComputerName>
<FirstLogName>$Target/Host/Host/Property[Type="Microsoft.ActiveDirectoryFederationServices2012R2.FederationServer"]/ADFSEventLog$</FirstLogName>
<FirstExpression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">387</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<RegExExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>MatchesMOM2005RegularExpression</Operator>
<Pattern>(^AD FS$)</Pattern>
</RegExExpression>
</Expression>
</And>
</FirstExpression>
<SecondComputerName>$Target/Host/Host/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</SecondComputerName>
<SecondLogName>$Target/Host/Host/Property[Type="Microsoft.ActiveDirectoryFederationServices2012R2.FederationServer"]/ADFSEventLog$</SecondLogName>
<SecondExpression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">388</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<RegExExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>MatchesMOM2005RegularExpression</Operator>
<Pattern>(^AD FS$)</Pattern>
</RegExExpression>
</Expression>
</And>
</SecondExpression>
</Configuration>
</UnitMonitor>