This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 53%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDV%3C/text%3E%3C/svg%3E)
I renew SSL certificate for ADFS and need to update configuration
Set-AdfsSslCertificate -Thumbprint XXXXc4f8b2d239bXXXXXXXXXXXXXX
And getting:
PS0317: One or more of AD FS servers returned errors during execution of command 'Set-AdfsSslCertificate'. Error information: PS0316: AD FS Server:
'localhost', Error: 'Connecting to remote server localhost failed with the following error message : Access is denied. For more information, see the
about_Remote_Troubleshooting Help topic.'.
Enter-PSSession for localhost only works afters -credentials are supplied
Enter-PSSession localhost -Credential $(Get-Credential)
Invoke-Command -ComputerName localhost -Credential $(Get-Credential) -ScriptBlock {Set-AdfsSslCertificate -Thumbprint XXXXc4f8b2d239b7dbeXXXXXXXXXXXXXXX}
also fails with same message
winrm get winrm/config/listener?Address=*+Transport=HTTP
Listener [Source="GPO"]
Address = *
Transport = HTTP
Port = 5985
Hostname
Enabled = true
URLPrefix = wsman
CertificateThumbprint
ListeningOn = 127.0.0.1, 1.1.1.1, ::1, fe80::5cb5:74ea:9e1d:1b0c%14
Solved it by running Powershell with BuiltIn administrator account
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 73%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESQ%3C/text%3E%3C/svg%3E)
Good to hear that the issue has been resolved! And thanks for sharing your solution in the forum as it would be helpful to anyone who encounters similar issues.
If there is anything else we can do for you, please feel free to post in the forum.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 36%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPP%3C/text%3E%3C/svg%3E)
Solved it by removing account from Protected Users group.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 84%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELG%3C/text%3E%3C/svg%3E)
Protected Users group is causing me several headaches. Before this problem I had another case with a Skype for Business administrator that unexpectedly failed to run such SfB powershell commands and locked out after few attempts. Even Microsoft support team failed to figure out that the cause was the membership of that account to the Protected Users group, we found it after months of troubleshooting.