ADFS 2.1 & 3.0 Config Debug Tracing


  1. Run CMD as Administrator
  2. WEVTUTIL sl "AD FS Tracing/Debug" /l:5
  3. Open the file “C:\Windows\ADFS\Microsoft.IdentityServer.Servicehost.exe.config”
  4. Find the following sections shown in the image
    ADFS2.13.0Tracing
  5. Update the switchValues for Microsoft.IdentityModel and System.ServiceModel to Verbose instead of Off.  Also remove the comments from around the system.serviceModel section.
    ADFS2.13.0TracingDone
  6. Open Event Viewer.
  7. To open Event Viewer, click Start, point to Programs, point to Administrative Tools, and then click Event Viewer.
  8. On the View menu, click Show Analytic and Debug Logs.
  9. In the console tree, expand Applications and Services Logs, expand AD FS Tracing, and then click Debug.
  10. In the Actions pane, click Enable Log.
  11. Tracing for AD FS is now enabled.
  12. Restart the Active Directory FederationServices windows service.
  13. Open the AD FS Management tool
  14. Right click on the Service folder and select Edit Federation Service Properties…
    ADFS Events
  15. Select the Events tab and select all the checkboxes to make sure all errors will be displayed in the event log.
    ADFS Events 2

Comments

Post a Comment

Popular posts from this blog

Add User As Local Administrator On Domain Controller

I recently was settting up a new Microsoft SharePoint 2010 machine and had promoted the machine to a domain controller before creating my SharePoint admin accounts.  I needed to add several of my accounts to the local Administrators group.  Unfortunately after you promote a server to a domain controller you can no longer access the GUI for Local Users and Groups.  Instead I had to use the command line to add the users. Open a command promt using the "Run as administrator" function and then run the following command. net localgroup Administrators /add {domain}\{user} Note: do not include the {} brackets.
Read more

Calling Dataverse Web API in PowerShell using Client Credentials

Image
Connecting to Dataverse using PowerShell can be very helpful for data migrations and use within Azure DevOps. Connecting to an instance in a non-interactive way can be tricky though. This article will provide you the links you need for creation and App registration and adding the app user to your environment. You can then utilize the script provided to call Web API requests including ones you define using the new Custom API functionality now available. The script was written so that it is not dependent on any outside libraries such as the Microsoft.Xrm.Tooling connector. This is helpful in situation where involving an outside library will slow down your deployment time by having to be approved in a change control board. If utilizing an outside code library is not a concern you can create a connection to Dataverse utilizing the Microsoft.Xrm.Tooling connector Get-CrmConnection cmdlet. Create App Registration The first thing to do is create an App Registration within Azure AD for
Read more

Windows Server 2008R2 VMs Shut Down After 1 to 2 Hours

Image
When created a lab environment to test ADFS 2.0 I utilized the Windows 2008R2 VM baselines distributed by Microsoft.  After a few days I was told that I had to activate.  The VMs included a 180 day license for use but I didn't feel like adding another network adapter into Hyper-V to connect them to the internet.  I started having issues though where the servers would shut down every hour or so.  I though that maybe there was a memory issue and Hyper-V was shutting them down in order to free up RAM.  Turns out that if Server 2008R2 is not activated it automatically shuts down after a period of time.  After connecting the server to the internet and activating them the problem went away. Finally the madness of the unknown shut downs has ended :)
Read more