Export (0) Print
Expand All

Windows NT Token-Based Application Auditing

Updated: February 27, 2008

Applies To: Windows Server 2008

Audit events are written to the audit log during the auditing process. The Windows token-based agent records Success and Failure audits, such as the state of the AD FS Web Agent Authentication Service.

Events

Event ID Source Message

125

Microsoft-Windows-ADFS

The AD FS Web Agent Authentication Service could not start. The authentication service has not been configured to run as a principal that has been granted the "Generate Security Audits" privilege (SeAuditPrivilege).

Users will not be able to access protected resources until the authentication service can be restarted.

User Action
Either grant the AD FS authentication service principal the "Generate Security Audits" privilege or configure the authentication service to run as a principal that has already been granted the "Generate Security Audits" privilege. (For example, configure the authentication service to run as LocalSystem.)

126

Microsoft-Windows-ADFS

The AD FS Web Agent Authentication Service was not able to start. A failure was encountered when registering as an event source.

Users will not be able to access protected resources until the authentication service can be restarted.

Additional Data
The data field contains a Win32 error code.

10560

Microsoft-Windows-ADFS

%1
Key identifier: %2
Error code: %3
Token ID: %4
Identity: %5
Issuer: %6
Audience: %7
Effective time: %8 %9
Expiration time: %10 %11
Claim source: %12
Authentication methods:
Method%t%tTime
%13
UPN: %14
E-mail: %15
Common name: %16

Related Management Information

Web Agent for Windows NT Token-Based Applications

Active Directory Federation Services

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft