Event ID 699 — Federation Service Authentication Web Pages
Applies To: Windows Server 2008 R2
The Federation Service provides Web pages that prompt the user to select an appropriate account partner to which the user can authenticate. The Federation Service also provides Web pages that prompt for the user’s credentials, such as a user name and password, for forms-based authentication. A Web page is also provided that supports Windows Integrated authentication and Secure Sockets Layer (SSL) client certificate authentication.
|Product:||Windows Operating System|
|Message:||The LSAuthenticationObject method LogonClient was called, but the Federation Service trust policy does not define any account stores.
If the Federation Service is intended to authenticate users, configure at least one account store. Otherwise, consider replacing clientlogon.aspx with a static page that indicates that logon is not supported.
Configure at least one account store
If the Federation Service is intended to authenticate users, use the following procedure to configure at least one account store. Otherwise, consider replacing clientlogon.aspx with a static page that indicates that logon is not supported.
Depending on how you configured AD FS authentication, you can find the appropriate clientlogon.aspx page in either the %systemdrive%\Windows\ADFS\sts\ls, %systemdrive%\Windows\ADFS\sts\ls\auth\integrated, or %systemdrive%\Windows\ADFS\sts\ls\auth\sslclient directory.
To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.
To add an account store to the Federation Service:
- Click Start, point to Administrative Tools, and then click Active Directory Federation Services.
- Double-click Federation Service, double-click Trust Policy, double-click My Organization, right-click Account Stores, point to New, and then click Account Store.
Verify that you can access the Active Directory Federation Services (AD FS)-enabled application from a client browser and that the resource can be accessed with the appropriate authorization.