Verify That a Federation Server Is Operational
Updated: May 5, 2010
Applies To: Active Directory Federation Services (AD FS) 2.0
You can use the following procedures to verify that a federation server is operational; that is, that any client on the same network can reach a new federation server.
Membership in Users, Backup Operators, Power Users, Administrators or equivalent, on the local computer is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (http://go.microsoft.com/fwlink/?LinkId=83477).
Procedure 1: To verify that a federation server is operational
To verify that Internet Information Services (IIS) is configured correctly on the federation server, log on to a client computer that is located in the same forest as the federation server.
Open a browser window, in the address bar type the federation server’s DNS host name, and then append /adfs/fs/federationserverservice.asmx to it for the new federation server, for example:
Press ENTER, and then complete the next procedure on the federation server computer. If you see the message There is a problem with this website’s security certificate, click Continue to this website.
The expected output is a display of XML with the service description document. If this page appears, IIS on the federation server is operational and serving pages successfully.
Membership in Administrators, or equivalent, on the local computer is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (http://go.microsoft.com/fwlink/?LinkId=83477).
Procedure 2: To verify that a federation server is operational
Log on to the new federation server as an administrator.
Click Start, point to Administrative Tools, and then click Event Viewer.
In the details pane, double-click Applications and Services Logs, double-click AD FS 2.0 Eventing, and then click Admin.
In the Event ID column, look for event ID 100. If the federation server is configured properly, you see a new event—in the Application log of Event Viewer—with the event ID 100. This event verifies that the federation server was able to successfully communicate with the Federation Service.