ADFS 2.0; The Service is Unavailable Error
Hi,
I recently found that when you follow the step-by-step guides for ADFS 2.0 together with the virtual machines available on the Microsoft Connect website, you might receive "Service Unavailable" errors when navigating to the ADFS asmx services or the FederationMetadata.xml file.
On the virtual machines available at the Microsoft Connect location (below), the token-signing and token-decrypting certificates on the ContosoDC server expired on April 22, 2011. Because of this, ADFS is not able to build the certificate chain for these operations, and as a result the metadata endpoints are not exposed. An end user trying to work with these labs simply doesn't see the FederationMetadata.xml file.
Temporary Resolution:
While it will take time to get the VMs updated, you can work ahead by renewing the certificates manually. To do so, follow the steps below:
1. Log in as Administrator on ContosoDC
2. Open PowerShell in administrative mode and enter the command: "Add-PSSnapin Microsoft.Adfs.Powershell"
3. Enter the following commands one at a time. After pressing Enter, wait until the command prompt returns before running the next one.
Update-ADFSCertificate -CertificateType Token-Signing -Urgent:$true
Update-ADFSCertificate -CertificateType Token-Decrypting -Urgent:$true
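The steps above as one script that first confirms the expiry and then verifies the renewal. This is an added example, not part of the original post; the helper name Get-AdfsTokenCertStatus is hypothetical, and the script assumes an elevated PowerShell 2.0 session on the AD FS 2.0 server.

```powershell
# Added example (not from the original post). Run elevated on the AD FS 2.0 server.
Add-PSSnapin Microsoft.Adfs.Powershell -ErrorAction Stop

# Hypothetical helper: one row per token certificate with its expiry state.
function Get-AdfsTokenCertStatus {
    foreach ($type in 'Token-Signing', 'Token-Decrypting') {
        Get-ADFSCertificate -CertificateType $type | ForEach-Object {
            New-Object PSObject -Property @{
                CertificateType = $type
                IsPrimary       = $_.IsPrimary
                Thumbprint      = $_.Thumbprint
                NotAfter        = $_.Certificate.NotAfter
                Expired         = ($_.Certificate.NotAfter -lt (Get-Date))
            }
        }
    }
}

$columns = 'CertificateType', 'IsPrimary', 'NotAfter', 'Expired', 'Thumbprint'

# 1. Record the state before touching anything.
$before = @(Get-AdfsTokenCertStatus)
$before | Format-Table $columns -AutoSize

# 2. Update-ADFSCertificate is meant for the self-signed certificates that
#    AD FS manages itself, so stop if automatic rollover is turned off.
if (-not (Get-ADFSProperties).AutoCertificateRollover) {
    throw 'AutoCertificateRollover is disabled; renew the certificates manually instead.'
}

# 3. Renew only the certificate types whose primary certificate has expired.
$expiredTypes = $before |
    Where-Object { $_.IsPrimary -and $_.Expired } |
    ForEach-Object { $_.CertificateType } |
    Select-Object -Unique
foreach ($type in $expiredTypes) {
    Write-Host "Renewing $type certificate..."
    Update-ADFSCertificate -CertificateType $type -Urgent:$true
}

# 4. Verify: every primary token certificate should now be inside its validity period.
$after = @(Get-AdfsTokenCertStatus | Where-Object { $_.IsPrimary })
$after | Format-Table $columns -AutoSize
if ($after | Where-Object { $_.Expired }) {
    Write-Warning 'A primary token certificate is still expired.'
}
```

With -Urgent the new certificate becomes primary immediately, so any federation partner that holds a copy of the old token-signing certificate needs to refresh its copy of the federation metadata afterwards.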
VM Location: https://connect.microsoft.com/site642/Downloads/DownloadDetails.aspx?DownloadID=29506
Rahul Gangwar
Comments
Anonymous
October 10, 2011
Hey Rahul, worked perfectly, thanks!

Anonymous
November 03, 2011
Thanks Rahul, you save me a lot of hours :)