0 Votes
RodrigoPassini-3943 asked

ADFS (WAP / STS) not working after migration from Hyper-V to VMware ESXi

Hello everybody,

I have 4 ADFS servers hosted on Hyper-V and I need to migrate them to VMware ESXi.
2 of the servers are the WAP servers and they have a cluster between the network interfaces.
The other 2 are the STS servers and they have a cluster between the network interfaces as well.

I tried to migrate them many times with the VMware Converter. After the migration, I created a new virtual network adapter (for VMware) for each server. I used the same IP addresses and the same MAC addresses for each network adapter. The clusters between the network adapters of the servers are working perfectly. But the email services stopped working. Outlook can't connect to Office 365, and when we try to access using the browser, an error message appears when it tries to contact the STS server (inside and outside the private network).

All the servers respond to ping and have access to the internet.

I don't know if the problem is something with the network adapters that changed from Hyper-V to VMware, or if I have to do something to reconnect to Office 365.
I already migrated more than 100 VMs and had no problems at all. Only with these ADFS servers, and I don't know what else to do.

Does anybody have any suggestions?
Thanks in advance!

adfs

0 Votes
piaudonn answered

Nothing in this scenario leads us to think the issue could be the ADFS service.

We need traces, error messages, something. It's more likely to be a network/DNS issue. To confirm, connect locally on the ADFS box and navigate to the /adfs/ls/IDPInitiatedSignon.aspx page. Can you log in there? (Note that this page has to be enabled with Set-ADFSProperties -EnableIdPInitiatedSignonPage:$true for that test.)


1 Vote
RodrigoPassini-3943 answered

Hi! Thanks for your answer and your help.
I found what the problem was and I'll say what I did in case anyone has the same issue.

After migrating from Hyper-V to VMware, I had to reconfigure the trust certificate between the server where WAP (Web Application Proxy) is installed and the ADFS server.
Some Windows services related to ADFS weren't able to start without this reconfiguration, and I could see this issue in Event Viewer.

But that was not enough. In VMware, I had to change the type of my network adapter from "VMXNET3" to "E1000E".
To be honest, I don't know why I couldn't use the VMXNET3 adapter, but it is working fine now with the E1000E.

Thank you for your suggestion and patience.


Rodrigo Passini.
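
One way to check and re-establish the WAP-to-AD FS proxy trust described in the answer above, as an added example that is not part of the original posts. The federation service name and certificate thumbprint are placeholders, and it assumes the trust is re-established by re-running Install-WebApplicationProxy, which the poster does not confirm.

```powershell
# Added example, not from the original thread. Run elevated on a WAP node.
# Placeholders (assumptions): replace with your own values.
$FederationServiceName = 'sts.example.com'        # placeholder federation service name
$SslCertThumbprint     = '<SSL-CERT-THUMBPRINT>'  # placeholder: service SSL cert in LocalMachine\My

# 1. Are the AD FS / WAP services running after the migration?
Get-Service -Name adfssrv, appproxysvc -ErrorAction SilentlyContinue |
    Format-Table Name, Status -AutoSize

# 2. Errors and warnings from the last day in the AD FS admin log
#    (Level 2 = Error, 3 = Warning). Trust failures show up here.
Get-WinEvent -FilterHashtable @{
    LogName   = 'AD FS/Admin'
    Level     = 2, 3
    StartTime = (Get-Date).AddDays(-1)
} -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message -First 20 |
    Format-List

# 3. Rule out DNS / connectivity from the WAP to the federation service.
Resolve-DnsName -Name $FederationServiceName
Test-NetConnection -ComputerName $FederationServiceName -Port 443

# 4. Confirm the SSL certificate is present, has a private key, and is not expired.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Thumbprint -eq $SslCertThumbprint }
if (-not $cert) {
    throw "Certificate $SslCertThumbprint not found in LocalMachine\My"
}
if (-not $cert.HasPrivateKey -or $cert.NotAfter -lt (Get-Date)) {
    throw "Certificate has no private key or expired on $($cert.NotAfter)"
}

# 5. Re-establish the proxy trust. The credential must be an account that is
#    a local administrator on the AD FS servers; it is used once for setup.
$trustCred = Get-Credential -Message 'AD FS administrator account'
Install-WebApplicationProxy `
    -FederationServiceName $FederationServiceName `
    -FederationServiceTrustCredential $trustCred `
    -CertificateThumbprint $SslCertThumbprint

# 6. Verify the proxy service came back up.
Get-Service -Name appproxysvc | Format-Table Name, Status -AutoSize
```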
