Event ID 603 — Trust Policy and Configuration

Applies To: Windows Server 2008 R2

The Active Directory Federation Services (AD FS) trust policy file defines the set of parameters that a Federation Service requires to identify partners, certificates, account stores, claims, and the various properties of these entities that are associated with the Federation Service.

Event Details

Product: Windows Operating System
ID: 603
Source: Microsoft-Windows-ADFS
Version: 6.1
Symbolic Name: BadConfigurationMissingField
Message: During processing of web.config section '%1', the required parameter '%2' was not found.
Section: %1
Parameter: %2

The Federation Service or the Federation Service Proxy will not be able to start until this configuration parameter is corrected.

User Action
Add the required parameter.


Review the configuration of the Federation Service

Determine which required parameter is missing.

To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.

To determine which required parameter is missing:

  1. Open the Active Directory Federation Services snap-in.
  2. Right-click the Federation Service, and then click Properties.
  3. On the General tab, do one of the following:
    • If the trust policy location is missing, add the proper path for the trust policy file.
    • If the token-signing certificate is missing, click Select, and then select a certificate.
    • If the event is on the federation server proxy and a client authentication certificate is missing, click Select, and then select a certificate.


Verify that you can access the Active Directory Federation Services (AD FS)-enabled application from a client browser and that the resource can be accessed.

Trust Policy and Configuration

Active Directory Federation Services