Share via


ADFS 3.0 service hangs at startup on a domain controller

If you are facing the situation where the ADFS 3.0 (Active Directory Federation Services) service hangs after a restart, the reason might be that the "Microsoft Key Distribution Service" has not started up on-demand as needed by ADFS. This issue seems to occur when ADFS is hosted on a box that is also acting as a domain controller. A nice solution to this issue is to tie startup of "Microsoft Key Distribution Service" to network startup via the following command

  sc triggerinfo kdssvc start/networkon

as suggested in the following forum thread:

https://social.technet.microsoft.com/Forums/windowsserver/en-US/a290c5c0-3112-409f-8cb0-ff23e083e5d1/ad-fs-windows-2012-r2-adfssrv-hangs-in-starting-mode?forum=winserverDS

You might also be interested in reading the following blog post:

https://www.markbrilman.nl/2014/02/ad-fs-2012-r2-hangs-when-installed-on-a-domain-controller/

https://scug.be/sccm/2014/01/15/adfs-3-0-on-windows-2012-r2-adfssrv-hangs-in-starting-mode-and-makes-youre-domain-controller-unusable-after-reboot/

Comments

  • Anonymous
    May 08, 2017
    Thank you! This saved my bacon...