Event ID 699 — Federation Service Authentication Web Pages

Applies To: Windows Server 2008 R2

The Federation Service provides Web pages that prompt the user to select an appropriate account partner to which the user can authenticate. The Federation Service also provides Web pages that prompt for the user’s credentials, such as a user name and password, for forms-based authentication. A Web page is also provided that supports Windows Integrated authentication and Secure Sockets Layer (SSL) client certificate authentication.

Event Details

Resolve

Configure at least one account store

If the Federation Service is intended to authenticate users, use the following procedure to configure at least one account store. Otherwise, consider replacing clientlogon.aspx with a static page that indicates that logon is not supported.

Depending on how you configured AD FS authentication, you can find the appropriate clientlogon.aspx page in either the %systemdrive%\Windows\ADFS\sts\ls, %systemdrive%\Windows\ADFS\sts\ls\auth\integrated, or %systemdrive%\Windows\ADFS\sts\ls\auth\sslclient directory.

To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.

To add an account store to the Federation Service:

1. Click Start, point to Administrative Tools, and then click Active Directory Federation Services.
2. Double-click Federation Service, double-click Trust Policy, double-click My Organization, right-click Account Stores, point to New, and then click Account Store.

Verify

Verify that you can access the Active Directory Federation Services (AD FS)-enabled application from a client browser and that the resource can be accessed with the appropriate authorization.

Related Management Information

Federation Service Authentication Web Pages

Active Directory Federation Services