| Event Id | 129 |
| Source | Microsoft-Windows-ADFS |
| Description | The AD FS Web Agent Authentication Service received a remote procedure call (RPC) from a user who is not in the IIS_IUSRS group. This request will be denied. User Action If this error results in failed AD FS authentications, ensure that the failing Internet Information Services (IIS) application pool's identity is a member of the IIS_IUSRS group. |
| Event Information | According to Microsoft : Cause : This event is logged when the AD FS Web Agent Authentication Service received a remote procedure call (RPC) from a user who is not in the IIS_IUSRS group. Resolution : Configure the IIS application pool's identity to be a member of the IIS_IUSRS group If this error results in failed Active Directory Federation Services (AD FS) authentications, ensure that the failing Internet Information Services (IIS) application pool's identity is a member of the IIS_IUSRS group. This group is located in Computer Management\System Tools\Local Users and Groups\Groups. Verify : Verify that you can access the Active Directory Federation Services (AD FS)-enabled application from a client browser and that the resource can be accessed with the appropriate authorization. If you cannot access the application successfully, verify that the Windows token-based agent is configured with correct URL values and that all configuration parameters contain valid values. To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority. To verify that the Windows token-based agent is configured with correct values:
|
| Reference Links | Event ID 129 from Source Microsoft-Windows-ADFS |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.