question

LukeLim95131 avatar image
0 Votes"
LukeLim95131 asked piaudonn answered

ADFS FBL Raise Fail

I tried to raise the ADFS FBL with Test-AdfsFarmBehaviorLevelRaise

Test-AdfsFarmBehaviorLevelRaise : Database upgrade cannot be performed on xxx Error: Connecting to remote server xxx failed with the following error message : WinRM cannot process the request. The following error with errorcode
0x8009030e occurred while using Kerberos authentication: A specified logon session does not exist. It may already have been terminated.

I checked that Windows Remote Manager service is running.
I checked that TCP 5985 is not blocked.

I am running the command on the primary server and it is a single node farm. I have checked the ADFS service is in good health before I run this command.

Any advice on how I can raise the FBL?
I am using a local admin account to raise the FBL. Is it that problem? If I can only use a local admin account, do I need to add certain permissions?

adfs
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

piaudonn avatar image
0 Votes"
piaudonn answered

When you say you are using a local admin account, you mean a local account which is admin? Or a domain account which is a member of the local administrators group?
The error message suggests a Kerberos authentication erreur. So that you used a local account. There's no Kerberos authentication possible when using a local account.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Yes thanks for pointing that out.

I tried a domain account with local admin rights and it worked.

0 Votes 0 ·