ADFS Encountered error during federation passive request

adfs

I have an ADFS Farm and 2 ADFS proxy servers. The proxies are NOT members of the domain. This morning the proxy servers stopped being able to serve up FederationMetaData.xml. The FS servers are working fine.

The proxy server event logs are getting filled with errors of Event ID 364, which says "Encountered error during federation passive request", and the details say "An unsecured or incorrectly secured fault was received from the other party."

I have searched and found articles suggesting that if you see this error, you are likely missing an SPN, but since they are not domain joined, SPNs don't come into the picture.

The core issue is I am trying to get the proxies to serve up Federation Metadata again, but I am wondering if the errors are related. I have gone through the Federation Proxy Configuration wizard successfully and have rebooted (several times). The one other oddity with this server is that when I do an iisreset, it always times out and says the service did not come back in a timely manner, but when I look, IIS is up and running fine.

Are those errors related, or should I look elsewhere? If so, where else can I look?

Best Answer

It turned out to be an IIS issue. The fix that finally resolved the issue was to delete the "Default Web Site", which also includes the adfs and adfs/ls apps. After that I re-ran the ADFS Proxy wizard, which recreated the IIS web sites and the adfs apps. Note that running the ADFS proxy wizard without deleting the Default Web Site did not fix the issue. I had to have ADFS rebuild the web site, which tells me somehow IIS was misconfigured or corrupted.
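
A verification pass to run on the proxy after the rebuild described in the answer above, added here as an example and not part of the original post. It confirms that the recreated site and the adfs and adfs/ls applications exist and that federation metadata is actually returned as XML. Assumptions: `sts.example.com` is a placeholder for your federation service name, and the metadata is published at the standard AD FS path `/FederationMetadata/2007-06/FederationMetadata.xml`.

```powershell
# Added example: post-rebuild check for an AD FS proxy. Run in an elevated
# PowerShell session on the proxy itself.
# Assumption: $FederationHost is a placeholder; set it to your federation
# service name. It must resolve to this proxy for the request to test it.
$FederationHost = 'sts.example.com'
$SiteName       = 'Default Web Site'
$ExpectedApps   = '/adfs', '/adfs/ls'   # the apps named in the answer

Import-Module WebAdministration

# 1. The site the proxy wizard recreates must exist; report its state.
$site = Get-Website | Where-Object { $_.Name -eq $SiteName }
if (-not $site) { throw "IIS site '$SiteName' is missing" }
"Site '{0}' state: {1}" -f $site.Name, $site.State

# 2. Both applications must be present under that site.
$apps = @(Get-WebApplication -Site $SiteName | ForEach-Object { $_.Path })
foreach ($app in $ExpectedApps) {
    $status = if ($apps -contains $app) { 'present' } else { 'MISSING' }
    "App {0}: {1}" -f $app, $status
}

# 3. Metadata must come back as XML with an EntityDescriptor root.
#    Certificate validation is left on, so a name or trust mismatch on the
#    proxy's SSL certificate also shows up here as a failure.
$url = "https://$FederationHost/FederationMetadata/2007-06/FederationMetadata.xml"
try {
    $client = New-Object System.Net.WebClient
    [xml]$doc = $client.DownloadString($url)
    $root = $doc.DocumentElement
    if ($root.LocalName -ne 'EntityDescriptor') {
        throw "unexpected root element '$($root.LocalName)'"
    }
    "Metadata OK, entityID: {0}" -f $root.GetAttribute('entityID')
}
catch {
    "Metadata check FAILED for {0}: {1}" -f $url, $_.Exception.Message
}
```

A site that reports as started while step 3 fails matches the symptom in the question, where IIS looked healthy but the metadata was not being served.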