Home | Site Map | Cisco How ToNet How To | Wireless |Search | Forums | Services | Donations | Careers | About Us | Contact Us|

Can't start ADFS service with error 1064

Network Sharing , TCP/IP, Internet, Wireless, Exchange, IIS, ISA and Print

Can't start ADFS service with error 1064

Postby blin » Wed Nov 23, 2016 9:26 pm

Situation: When attempting to start the ADFS service on proxy server, the client receives the following error:

Windows could not start the Active Directory Federation Service service on Local Computer.
Error 1064: An exception occurred in the service when handling the control request.

Under the System section of the Windows Event Log, the following error was shown:

Event ID: 7023
The Active Directory Federation Services service terminated with the following error:
An exception occurred in the service when handling the control request.

Followed a few moments later by the following error:

Event ID: 7023
The Web Application Proxy Service terminated with the following error:
A certificate is required to complete client authentication

Looking in the ‘AD FS’ section of the Event Log (under ‘Applications and Services Logs’), the following errors were shown (note that the first error was generally shown multiple times, followed by a single instance of the second error):

Event ID: 383
The Web request failed because the web.config is malformed.
User Action:
Fix the malformed data in the web.config file.
Exception details:
Root element is missing (C:\Windows\ADFS\Config\microsoft.identityServer.proxyservice.exe.config)
Root element is missing.

Event ID: 199
The federation server proxy could not be started.
Reason: Error retrieving proxy configuration from the Federation Service.
Additional Data
Exception details:
An error occurred when attempting to load the proxy configuration.

Checking the file at C:\Windows\ADFS\Config\microsoft.identityServer.proxyservice.exe.config showed that while the file size was still indicated as 2k, butthe file was blank.

Resolution: 1. Restore web.config from the backup.
2. Remove and re-install it.
1) Remove the Web Application Proxy role from the server. Once this is complete, a reboot will be required.
2) Re-add the Web Application Proxy role to the server.
3) Once this is complete, initiate the configuration wizard.
4) Use the same configuration parameters as you used when configuring the service initially, namely federation service name (e.g. federation.domain.com), local admin details for the federation server and the federation certificate (unless you’ve replaced the certificate used, in which case obviously you should use the new certificate details); you noted those down during initial configuration, right?
5) Once configuration is complete, the Remote Access Management Console should open automatically. All of your publishing rules should still be in place, and your published services should be available immediately.
How to Configure and Troubleshoot Cisco

Tablet and Smartphone Setup Guide
Site Admin
Posts: 3674
Joined: Wed Dec 31, 1969 7:00 pm
Location: Chicago, USA

Return to Networking

Your Ad Here

Who is online

Users browsing this forum: No registered users and 6 guests