Event ID - 660

Event Id660
SourceMicrosoft-Windows-ADFS
DescriptionThe Federation Service encountered an error while loading the trust policy. An unexpected exception was encountered. If this error occurs during startup of the Federation Service, the Federation Service will not be able to start and all requests to the Federation Service will fail until the configuration is corrected. If this error occurs while the Federation Service is running, the Federation Service will continue to use the last policy that was loaded successfully, and it will attempt to load the policy again in %1 minutes. Retry period: %1 User Action If this error persists, enable the AD FS troubleshooting log. Additional Data Exception information: %2
Event Information According to Microsoft :

Cause :

This event is logged when the Federation Service encountered an error while loading the trust policy.

Resolution :

Review the settings for the trust policy

This error occurs when the trust policy file is loaded. Possible causes include the following:
  • The XML file for the trust policy (trustpolicy.xml) is not valid.
  • The user does not have permission to access the trust policy.
  • The path to the trustpolicy.xml file is not valid.
To perform these procedures, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.

To confirm that the trustpolicy.xml file is valid:
  1. On a federation server, click Start , point to Administrative Tools , and then click Active Directory Federation Services .
  2. If no error is presented when the snap-in is completely loaded, the trustpolicy.xml file is valid. The federation server runs a basic format validation on the trustpolicy.xml file each time that you open the Active Directory Federation Services snap-in.
To check user access control settings for the trust policy:
  1. On the federation server, click Start , point to Administrative Tools , and then click Active Directory Federation Services .
  2. In the console tree, right-click Federation Service , click Properties , record the trust policy location value that is specified in Trust policy file, and then click OK.
  3. If the trustpolicy.xml file is located on a server other than the federation server, log on to that server as an administrator (in case you need to make changes), and then open Windows Explorer .
  4. Locate the folder where the trustpolicy.xml file is stored, right-click the trustpolicy.xml file, and then click Properties .
  5. Click the Security tab , and then confirm that the appropriate users have at least read-only permissions to the file.
  6. If the users are accessing the file through a network share, confirm that permissions for the users to access the share are at least read-only permissions.
To confirm that the path to the trustpolicy.xml file is set correctly:
  1. On the federation server, click Start, point to Administrative Tools, and then click Active Directory Federation Services.
  2. In the console tree, right-click Federation Service , click Properties ,and confirm that a valid location for the trustpolicy.xml file is specified in Trust policy file .and confirm that a valid location for the trustpolicy.xml file is specified in Trust policy file.
Verify :

Verify that you can access the Active Directory Federation Services (AD FS)-enabled application from a client browser and that the resource can be accessed.
Reference LinksEvent ID 660 from Source Microsoft-Windows-ADFS

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh