将联合服务器添加到现有联合身份验证服务 [英] Add a federation server to an existing federation service

问题描述

我目前有一个adfs 2.0服务器，现在我想将第二台服务器加入到服务器场。

当前的adfs 2.0服务器安装了WID功能，因此它不使用SQL i假设。

此外，在当前的adfs 2.0服务器上，我导出了证书并将其导入到新的adfs服务器上进行添加。

在新的adfs 2.0服务器上，我选择"将联合服务器添加到现有联合服务";并使用正确的服务帐户和密码填写主服务器的名称，但它给我以下错误：

无法读取来自数据库的AD FS配置数据

错误：客户端无法在配置的超时（00:10:00）内完成安全协商。目前的谈判支持是1周
（00:10:00）

任何有帮助的人，我卡住

解决方案

您好，

您确定第一台服务器是否安装了第一台服务器服务器场而不是独立服务器？
$

您是否在cn = microsoft中看到容器ADFS，cn =程序数据，dc = yourdomain，dc = com？

启动dsa.msc并启用高级视图。

问候，

Lutz

I currently have an adfs 2.0 server and now i want to join a second server to the farm.
The current adfs 2.0 server has the WID feature installed so its not using SQL i presume.
Further on the current adfs 2.0 server i exported the certificate and imported it on the new adfs server to add.
On the new adfs 2.0 server i select "Add a federation server to an existing federation service" and fill in the name of the primary server with the correct service account and password but it gives me the following error:

unable to read the AD FS configuration data from the database
Error: Client is unable to finish the security negotiation within the configured timeout (00:10:00). The current negotiation leg is 1
(00:10:00)

Anyone that could help, im stuck

解决方案

Hi,

are you sure that the first server was installed a first server of a farm and not as standalone server?

Do you see an container ADFS in cn=microsoft, cn=program data, dc=yourdomain,dc=com?

Start the dsa.msc and enable the advanced view.

Regards,

Lutz

这篇关于将联合服务器添加到现有联合身份验证服务的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！