Event ID - 100

Event Id100
SourceMicrosoft-Windows-ADFS
DescriptionThe AD FS Web Agent for Windows NT token-based applications could not contact the Federation Service during startup. Federation Service URL: %1 The Web agent will not be able to authenticate users until it can retrieve trust information from the Federation Service. User Action Ensure that the Uniform Resource Locator (URL) for the Federation Service is properly configured and that the Federation Service can be contacted from this Web server. Ensure that this Web server is joined to an Active Directory Domain Services domain. Ensure that the ADFS Web Agent Authentication Service is started.
Event Information According to Microsoft :

Cause :

This event is logged when the AD FS Web Agent for Windows NT token-based applications could not contact the Federation Service during startup.

Resolution :

Check IIS settings for the Federation Service

Ensure that the Uniform Resource Locator (URL) for the Federation Service is properly configured and that the Federation Service can be contacted from this Web server.

To perform this procedure, you must be a member of the local Users, Power Users, Backup Operators, or Administrators group, or you must have been delegated the appropriate authority.

To check the URL for the Federation Service:
  1. On the Web server, click Start , point to Administrative Tools , and then click Internet Information Services (IIS) Manager .
  2. Click ComputerName .
  3. In the center pane double-click Federation Services URL , and then verify the URL is conifigured correctly.
Ensure that this Web server is joined to an Active Directory domain.

To perform this procedure, you must be a member of the local Users, Power Users, Backup Operators, or Administrators group, or you must have been delegated the appropriate authority.

To check whether the Web server is joined to a domain:
  1. On the Web server, click Start , click Control Panel , and then double-click System .
  2. Under Computer Name, domain, and workgroup settings , click Change settings .
  3. In the System Properties dialog box, under the Computer Name tab, click Change .
  4. In the Computer Name/Domain Changes dialog box, under Member of click Domain , and if a value is not present type the name of the domain that this federation server will join, and then click OK .
  5. Click OK , and then restart the computer.
Verify :

Verify that you can access the Active Directory Federation Services (AD FS)-enabled application from a client browser and that the resource can be accessed with the appropriate authorization.

If you cannot access the application successfully, verify that the Windows token-based agent is configured with correct URL values and that all configuration parameters contain valid values.

To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.

To verify that the Windows token-based agent is configured with correct values:
  1. Click Start , point to Administrative Tools , and then click Internet Information Services (IIS) Manager .
  2. In the console tree, click YourComputerName (local computer) .
  3. In the console tree, double-click Sites , and then click YourWebSiteName.
  4. In the center pane, double-click Authentication , highlight AD FS Windows Token-Based Agent , and then in the Actions pane click Edit .
  5. In the AD FS Windows Token-Based Agent dialog box, confirm that the Enable AD FS Web Agent check box is selected.
  6. Make sure that the following values are valid, and then click OK .
  • Cookie path
  • Cookie domain
  • Return URL
Reference LinksEvent ID 100 from Source Microsoft-Windows-ADFS

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh