Verify that the federation server is operational
Applies To: Azure, Office 365, Power BI, Windows Intune
You can use the following procedures to verify that a federation server (weather it was configured as the first federation server in a federation server farm or added to a federation server farm) is operational; that is, that any client on the same network can reach a new federation server.
AD FS 2.0 on Windows Server 2008 or Windows Server 2008 R2
AD FS on Windows Server 2012
Log on to a client computer that is located in the same forest as the federation server.
Open a browser window. In the address bar, type the federation server’s DNS host name, and then append /FederationMetadata/2007-06/FederationMetadata.xml to it for the new federation server; for example:
https://fs1.fabrikam.com/FederationMetadata/2007-06/FederationMetadata.xml
Press ENTER, and then complete the next procedure on the federation server computer. If you see the message There is a problem with this website’s security certificate, click Continue to this website.
The expected output is a display of XML with the service description document. If this page appears, IIS on the federation server is operational and serving pages successfully.
Log on to the new federation server as an Administrator.
Click Start, point to Administrative Tools, and then click Event Viewer.
In the details pane, double-click Applications and Services Logs, double-click AD FS 2.0 Eventing, and then click Admin.
In the Event ID column, look for event ID 100. If the federation server is configured properly, you see a new event—in the Application log of Event Viewer—with the event ID 100. This event verifies that the federation server was able to successfully communicate with the Federation Service.
To verify that Internet Information Services (IIS) is configured correctly on the federation server, log on to a client computer that is located in the same forest as the federation server.
Open a browser window, in the address bar type the federation server’s DNS host name, and then append /adfs/fs/federationserverservice.asmx to it for the new federation server, for example:
https://fs1.fabrikam.com/adfs/fs/federationserverservice.asmx
Press ENTER, and then complete the next procedure on the federation server computer. If you see the message There is a problem with this website’s security certificate, click Continue to this website.
The expected output is a display of XML with the service description document. If this page appears, IIS on the federation server is operational and serving pages successfully.
Log on to the new federation server as an administrator.
On the Start screen, type Event Viewer, and then press ENTER.
In the details pane, double-click Applications and Services Logs, double-click AD FS Eventing, and then click Admin.
In the Event ID column, look for event ID 100. If the federation server is configured properly, you see a new event—in the Application log of Event Viewer—with the event ID 100. This event verifies that the federation server was able to successfully communicate with the Federation Service.
Now that you have verified that the federation servers are operational, the next step is to Prepare your network infrastructure for configuring extranet access.
Checklist: Deploy your federation server farm on legacy versions of Windows Server
Checklist: Use AD FS to implement and manage single sign-on