troubleshooting Question

Error 364 adfs 3.0 msis 7042 , maybe after windows update on windows server 2012 r2

Avatar of Mattia Minervini
Mattia MinerviniFlag for Italy asked on
Windows Server 2012* Dynamics CRM* Active Directory Federation Services (ADFS)
2 Comments1 Solution181 ViewsLast Modified:
Hi all!
Dynamics on premise, exposed with ADFS 3.0 and ADFS PROXY
So i have this scenario:

1 vm x sql (lan)
1 vm x dynamics (lan)
2 vm x dns and dc (lan)
1 vm x adfs (lan)
1 vm x adfs proxy (Dmz)

After windows update for windows 2012 r2 on ADFS and ADFS PROXY vm, it stops to authenticate from external
When i try opening https url, it loops until error
On lan, it works

on browser client this error:

    Activity ID: 00000000-0000-0000-5000-0080000000d0
    Relying party: CRM CLAIMS RELYING PARTY
    Error time: Tue, 24 Mar 2020 07:53:03 GMT
    Cookie: enabled
    User agent string: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0


on ADFS server i can try this log:

Encountered error during federation passive request.

Additional Data

Protocol Name:
wsfed

Relying Party:
https://mydynamics.mydomain.com/ 

Exception details:
Microsoft.IdentityServer.Web.InvalidRequestException: MSIS7042: The same client browser session has made '6' requests in the last '1' seconds. Contact your administrator for details.
   at Microsoft.IdentityServer.Web.Protocols.PassiveProtocolHandler.UpdateLoopDetectionCookie(WrappedHttpListenerContext context)
   at Microsoft.IdentityServer.Web.Protocols.WSFederation.WSFederationProtocolHandler.SendSignInResponse(WSFederationContext context, MSISSignInResponse response)
   at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
   at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)


#############

This happens with different client, with different browser (no trust site oro protection mode IE works)
Just rebooted ADFS and ADFS PROXY no success

In browser i can see the loop until error
How i can monitor better ADFS?
I can reboot also Dynamics vm or IIS?
Please ask me for details, sorry for my english
M
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 2 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 2 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros