Partilhar via


Active Directory Federation Service Management Pack – Addendum

Hello, it's me again.

Following the idea of my other post on Active Directory Management Pack – Addendum for Trust Monitoring, I went ahead with the troubleshooting and resolved an issue with the Active Directory Federation Services 2012 R2 that one of my customers is having.

Basically, the issue is that the current MP version, that you can download from HERE, raise an alert saying that the "MEX Endpoint Is Unreachable" even when it is fully OK.

The issue for this false positive seems to be that the script does not exclude from the check, those servers whose role is not "PrimaryComputer". Having that said, I created a modified version of the script (and of whatever is needed to run it) and put it into a simple addendum MP that contains the following:

  • A DataSource module which contains the fixes script used to perform the check only on PrimaryServer role
  • A UnitMonitorType which parses the output from the DataSource module
  • A UnitMonitor which contains the script body and reports on the MEX health by creating an alert in case the status is not good.
  • A pre-defined override to disable the original monitor.

This addendum MP, only works with the MP version released by Microsoft for Active Directory Federation Services 2012 R2. To use it, just import it. No need for additional overrides or configuration.

If you want to give it a try, download the Zip file from the link below and import it.

I hope this addendum will relieve your pain, a bit.

Thanks

 

Microsoft.ActiveDirectoryFederationServices.2012.R2.Addendum.xml

Comments

  • Anonymous
    September 12, 2017
    Thank you Bruno,We as many others have this "problem" but are migrating to ADFS 2016. Do you know if this is fixed for the 2016 MP?
    • Anonymous
      September 12, 2017
      Hi Martin,looking at the MP code it seems that it is fixed in ADFS 2016 MP version (at least in version 10.0.1.0).Thanks,Bruno.