AD FS 端点不可用
[英]AD FS endpoints unavailable
问题描述
AD FS 端点不可用。 我配置了 AD FS。 但是当我尝试连接到某些端点时,我可以看到“HTTP 错误 503。该服务不可用”。 端点在 AD FS 管理中启用。
我尝试连接到
......adfs/services/trust/13/usernamemixed
和
...../services/trust/13/windowsmixed
3 个解决方案
解决方案1
3 2017-01-29 02:13:00
我不时看到这种情况发生。
运行以下命令并查看端点是否已列出。 如果没有,请重新启动服务器并再次检查。
netsh http sh serv | findstr /i /c:"trust/13/usernamemixed"
当您这样做时,如果端点可用,您应该会看到如下所示的内容。
C:\Windows\system32>netsh http sh serv | findstr /i /c:"trust/13/usernamemixed"
HTTPS://+:443/ADFS/SERVICES/TRUST/13/USERNAMEMIXED/
解决方案2
0 2021-03-11 18:34:03
我在 ADFS 2019 上遇到了同样的问题。
AD FS 服务端口存在问题,就像 Eugen 一样。 重新启动 AD FS 服务后,事件查看器显示错误:
Event 102, AD FS
There was an error in enabling endpoints of Federation Service. Fix configuration errors using PowerShell cmdlets and restart the Federation Service.
Additional Data
Exception details:
System.ServiceModel.AddressAlreadyInUseException: There is already a listener on IP endpoint 0.0.0.0:808.
This could happen if there is another application already listening on this endpoint or if you have multiple
service endpoints in your service host with the same IP endpoint but with incompatible binding configurations. ---> System.Net.Sockets.SocketException:
Only one usage of each socket address (protocol/network address/port) is normally permitted
at System.Net.Sockets.Socket.DoBind(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.Sockets.Socket.Bind(EndPoint localEP)
at System.ServiceModel.Channels.SocketConnectionListener.Listen()
--- End of inner exception stack trace ---
at System.ServiceModel.Channels.SocketConnectionListener.Listen()
at System.ServiceModel.Channels.ExclusiveTcpTransportManager.OnOpen()
at System.ServiceModel.Channels.TransportManager.Open(TransportChannelListener channelListener)
at System.ServiceModel.Channels.TransportManagerContainer.Open(SelectTransportManagersCallback selectTransportManagerCallback)
at System.ServiceModel.Channels.TransportChannelListener.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.ConnectionOrientedTransportChannelListener.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.TcpChannelListener`2.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at Microsoft.IdentityServer.ServiceHost.STSService.StartSTSService(ServiceHostManager serviceHostManager, ServiceState serviceState)
要解决此问题,您可以按照以下步骤更改服务端口:
以管理员身份启动 SharePoint Management Shell
查看当前服务端口
get-adfsproperties | findstr "NetTcpPort" NetTcpPort : 1501更改服务端口
Set-ADFSProperties -nettcpport 1601确认更改
get-adfsproperties | findstr "NetTcpPort" NetTcpPort : 1601通过服务控制台重启 AD FS 服务
说明基于技术文章: https : //social.technet.microsoft.com/wiki/contents/articles/2009.ad-fs-2-0-how-to-change-the-net-tcp-ports-for -services-and-administration.aspx
解决方案3
-2 2017-03-14 08:50:19
我找到了解决方案。问题出在端口上。 问题是 AD FS 通常的端口很忙。 你可以在这里找到
配置 AD FS 标识符,使其与 AD FS 令牌颁发者相匹配
[英]Configuring the AD FS Identifier so that it matches the AD FS token issuer
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.