| Event Id | 728 |
| Source | Microsoft-Windows-ADFS |
| Description | The Federation Service has encountered an error while reading Group Policy settings. This may indicate an attempt by the local administrator to bypass Group Policy. The Federation Service will fail all requests until this condition is corrected. |
| Event Information | According to Microsoft : Cause This event is logged when the last remaining valid verification certificate for account partner or a certificate in its trust chain, is due to expire within days. Resolution Replace or renew the certificate for the account partner Contact the account partner administrator as soon as possible, and replace or renew the token-signing certificate. To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority. To add a token-signing certificate to the verification list of an account partner: 1.Click Start, point to Administrative Tools, and then click Active Directory Federation Services. 2.Double-click Federation Service, double-click Trust Policy, double-click Partner Organizations, double-click Account Partners, right-click the account partner, and then click Properties. 3.Click the Verification Certificates tab, and then click Add. 4.In the Browse for Verification Certificate file dialog box, locate the certificate file that you want to add. 5.Select the certificate file, and then click Open. 6.In the Trust Policy Properties dialog box, click OK. Verify Verify that you can access the Active Directory Federation Services (AD FS)-enabled application from a client browser and that the resource can be accessed. |
| Reference Links | Event ID 728 from Source Microsoft-Windows-ADFS |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.