I am trying to configure ADFS and am encountering an issue where ADFS is logging event ID 238: "The Federation Service failed to find a domain controller for the domain example.local".
This event is logged any time I attempt to test ADFS by using
https://my-adfs-server/adfs/ls/idpinitiatedsignon.aspx? where it prompts me for AD credentials and then brings me to an error page:
An error occurred
An error occurred. Contact your administrator for more information.
Activity ID: ba3a2f96-7798-4aa7-1000-0080010000c3
Error time: Thu, 23 Sep 2021 19:17:46 GMT
User agent string: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Edg/93.0.961.47
From the ADFS server I am able to use nltest just fine:
Dom Guid: f445d18a-5f41-4527-8a87-1a0f39e6e5fa
Dom Name: example.local
Forest Name: example.local
Dc Site Name: NorthPole
Our Site Name: NorthPole
Flags: PDC GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE FULL_SECRET WS DS_8 DS_9 DS_10 0x20000
The command completed successfully
I made sure the ADFS service user has the 'Allowed to Authenticate' permission on both of our DCs.
There is no firewall in between the ADFS server and the DC either.
The ADFS server is definitely joined to our domain because I'm logging on to it with my domain user and it's listed in the correct AD container.
Any further insight into why ADFS acts like it cannot locate our DC?