MEX Endpoint Is Unreachable

Microsoft.ActiveDirectoryFederationServices2012R2.TokenIssuanceFederationServerMEXEndpointMonitor (UnitMonitor)

Knowledge Base article:

Element properties:

Source Code:

<UnitMonitor ID="Microsoft.ActiveDirectoryFederationServices2012R2.TokenIssuanceFederationServerMEXEndpointMonitor" Accessibility="Public" Enabled="true" Target="Microsoft.ActiveDirectoryFederationServices2012R2.TokenIssuance" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="true" Priority="Normal" TypeID="Microsoft.ActiveDirectoryFederationServices2012R2.TwoStateScriptMonitorType" ConfirmDelivery="false">

  <Category>ConfigurationHealth</Category>

  <AlertSettings AlertMessage="Microsoft.ActiveDirectoryFederationServices2012R2.TokenIssuanceFederationServerMEXEndpointMonitor_AlertMessageResourceID">

    <AlertOnState>Warning</AlertOnState>

    <AutoResolve>true</AutoResolve>

    <AlertPriority>Normal</AlertPriority>

    <AlertSeverity>Warning</AlertSeverity>

    <AlertParameters>

      <AlertParameter1>$Data/Context/Property[@Name='MexURL']$</AlertParameter1>

    </AlertParameters>

  </AlertSettings>

  <OperationalStates>

    <OperationalState ID="Success" MonitorTypeStateID="Success" HealthState="Success"/>

    <OperationalState ID="Error" MonitorTypeStateID="Error" HealthState="Warning"/>

  </OperationalStates>

  <Configuration>

    <PowerShellPath>%windir%\system32\windowspowershell\v1.0\powershell.exe</PowerShellPath>

    <ScriptName>FederationServerMEXEndpointCheck.ps1</ScriptName>

    <ScriptBody><Script>

                        $script:mexOK = $false

                        $script:exceptionMessage = ""

                        $script:mexUri = ""



                        $scomapi = new-object -comObject "MOM.ScriptAPI"

                        $scomapi.LogScriptEvent("ActiveDirectoryFederationServices", 600, 4, "Federation server MEX endpoint check PowerShell monitoring script")



                        # Load System.ServiceModel assembly

                        [System.Reflection.Assembly]::LoadWithPartialName("System.ServiceModel")



                        Import-Module adfs



                        if (get-adfssyncproperties).Role -eq "PrimaryComputer"

                        {

                        #try

                        &amp;{

                        $binding = new-object System.ServiceModel.WSHttpBinding( [System.ServiceModel.SecurityMode]::Transport )

                        $binding.Name = "MetadataExchangeBinding"

                        $binding.Namespace = "http://schemas.microsoft.com/ws/2005/02/mex/bindings"



                        $binding.Security.Mode = [System.ServiceModel.SecurityMode]::Transport

                        $binding.Security.Transport.ClientCredentialType = [System.ServiceModel.HttpClientCredentialType]::None

                        $binding.MaxReceivedMessageSize = 64 * 1024 * 1024



                        $mexClient =  new-object System.ServiceModel.Description.MetadataExchangeClient $binding

                        $uriString = Get-ADFSEndpoint | Where-Object {$_.Protocol -eq "WS-Mex"} | Select-Object FullUrl

                        $uri = New-Object System.Uri $uriString.FullUrl



                        $script:mexUri = $uriString.FullUrl.AbsoluteUri



                        #Do Http Get of Mex

                        $mexClient.GetMetadata( $uri, [System.ServiceModel.Description.MetadataExchangeClientMode]::HttpGet )



                        #Do SOAP Get of Mex

                        $mexClient.GetMetadata( $uri, [System.ServiceModel.Description.MetadataExchangeClientMode]::MetadataExchange )



                        $script:mexOK = $true

                        }

                        trap [System.Exception]

                        {

                        $script:mexOK = $false

                        $script:exceptionMessage = $_.Exception.Message

                        continue

                        }



                        $scompb = $scomapi.CreatePropertyBag()

                        $scompb.AddValue("MexOK",  $script:mexOK )

                        $scompb.AddValue("MexURL",  $script:mexUri )

                        $scompb.AddValue("ErrorMessage",  $script:exceptionMessage )

                        $scomapi.AddItem($scompb)

                        $scomapi.ReturnItems()

                        }

                    </Script></ScriptBody>

    <IntervalSeconds>900</IntervalSeconds>

    <TimeoutSeconds>180</TimeoutSeconds>

    <ErrorExpression>

      <SimpleExpression>

        <ValueExpression>

          <XPathQuery Type="String">Property[@Name='MexOK']</XPathQuery>

        </ValueExpression>

        <Operator>Equal</Operator>

        <ValueExpression>

          <Value Type="String">false</Value>

        </ValueExpression>

      </SimpleExpression>

    </ErrorExpression>

    <SuccessExpression>

      <SimpleExpression>

        <ValueExpression>

          <XPathQuery Type="String">Property[@Name='MexOK']</XPathQuery>

        </ValueExpression>

        <Operator>Equal</Operator>

        <ValueExpression>

          <Value Type="String">true</Value>

        </ValueExpression>

      </SimpleExpression>

    </SuccessExpression>

  </Configuration>

</UnitMonitor>