Troubleshooting attribute stores with AD FS 2.0

  • Article

Updated: May 5, 2010

Applies To: Active Directory Federation Services (AD FS) 2.0

The following table provides troubleshooting guidance for specific error event messages or other issues that you may encounter if you are having problems while you are working with attribute stores.

Before you begin the troubleshooting process, we recommend that you first try to configure AD FS 2.0 for troubleshooting and check for known common issues that might prevent normal functioning for the Federation Service. For detailed instructions for configuring and performing related system checks, see Configuring Computers for Troubleshooting AD FS 2.0 and Things to Check Before Troubleshooting AD FS 2.0.

Event or symptom Possible cause Resolution

Event ID 149
During processing of the Federation Service configuration, the attribute store could not be loaded.

The Federation Service is configured to use a custom attribute store that cannot be located.

If you are using a custom attribute store, verify that the custom attribute store is configured correctly by using the AD FS 2.0 snap-in. Also, verify that the custom attribute store assembly can be accessed.

Event ID 238
The Federation Service failed to find a domain controller for the domain.

The domain controller for the domain is unavailable.

Use Nltest.exe to determine why a domain controller cannot be located. Nltest is a command-line tool that is built into the Windows Server 2008 operating system. For more information, see Nltest (https://go.microsoft.com/fwlink/?LinkID=188930).

Event ID 246
The Federation Service encountered an error during an attempt to connect to a Lightweight Directory Access Protocol (LDAP) server.

The LDAP server is unavailable or is misconfigured.

Check the network connectivity to the LDAP server. Also, determine whether the LDAP server is configured correctly.

Event ID 247
The Federation Service encountered an error while connecting to a global catalog server.

The global catalog server is unavailable or is misconfigured.

Check the network connectivity to the global catalog server. Also, determine whether the global catalog server is configured correctly.

Event ID 305
The Federation Service encountered an error while querying an LDAP server.

The LDAP server returned a specific error when it was queried.

Review the additional details that are provided with this event for the specific error information that is related to this LDAP server issue.

Event ID 306
The Federation Service encountered an error while querying a global catalog server.

The global catalog server returned a specific error when it was queried.

Review the additional details that are provided with this event for the specific error information that is related to this global catalog server issue.

Event ID 376
An error occurred while executing a query in the SQL attribute store.

Access to the configured SQL-based attribute store failed.

Examine the exception details that are provided with this event to determine whether one or more of the following actions is applicable:

  • Verify that the connection string to the SQL attribute store is valid.

  • Make sure that the connection string can reach the SQL attribute store, and that the SQL attribute store exists. If you are using a custom attribute store, verify that the custom attribute store is configured correctly by using the AD FS 2.0 snap-in. Also, verify that the custom attribute store assembly can be accessed.

  • Verify that the SQL query and parameters are valid.

Event ID 377
A processing error occurred in an attribute store.

The configured attribute store returned an error during processing.

See the additional details that are provided with this event for more information.