Troubleshooting audit failures with AD FS 2.0
Updated: May 5, 2010
Applies To: Active Directory Federation Services (AD FS) 2.0
The following table provides troubleshooting guidance for the specific error event messages or other issues that you may encounter if you are having problems that cause Active Directory Federation Services (AD FS) 2.0 auditing to fail.
Before you begin the troubleshooting process, we recommend that you first try to configure AD FS 2.0 for troubleshooting and check for known common issues that might prevent normal functioning for the Federation Service. For detailed instructions for configuring and performing related system checks, see Configuring Computers for Troubleshooting AD FS 2.0 and Things to Check Before Troubleshooting AD FS 2.0.
Event or symptom | Possible cause | Resolution |
---|---|---|
Event ID 207 |
The following are possible causes:
|
The following are possible resolutions for this event:
|
Event ID 208 |
The Federation Service does not have correct permissions to register the event source in the Security log. |
Ensure that the Federation Service has the correct permissions to write to the Security log. This includes verifying that the AD FS 2.0 service account has write permissions to perform auditing. For more information, see Configure auditing for AD FS 2.0. |
Event ID 209 |
The Federation Service failed to initiate auditing with the Windows event log. The cause is probably something specific to the Windows error code and the exception data that was returned in the event. |
To further diagnose the problem, review the error code and the exception text that is included in the event. |