AD FS Event ID 383, 199, web.config file is malformed

AD FS Proxy stopped working with Event ID 383

User Action:
Fix the malformed data in the web.config file.

Event ID 383

or you may find Event ID 199

Event ID 199

The cause is a problem in the config file microsoft.identityServer.proxyservice.exe.config, located at

C:\Windows\ADFS\Config

You should take backups (and test those)

Best Practice

A normal file looks similar to the one below

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <configSections>
    <section name="microsoft.identityServer.proxyservice" type="Microsoft.IdentityServer.Management.Proxy.Configuration.ProxyConfiguration, Microsoft.IdentityServer.Management.Proxy, Version=10.0.0.0, Culture=neutral, PublicKeyToken=DDDD00999SSS, processorArchitecture=MSIL" />
  </configSections>

  <microsoft.identityServer.proxyservice>
    <congestionControl latencyThresholdInMSec="8000" minCongestionWindowSize="64"
      enabled="true" connectionTimeoutInSec="120" />
    <connectionPool connectionPoolSize="200" scavengeInterval="5" />
    <diagnostics eventLogLevel="15" />
    <host tlsClientPort="49443" httpPort="80" httpsPort="443" name="federation.affan.info" />
    <proxy address="" />
    <trust thumbprint="AAAAAAAAAAA00000AAAAA0000A0AA00AA0A0"
      proxyTrustRenewPeriod="21600" />
    <farmBehavior farmBehavior="2" />
    <ignoreBinding ignoreBinding="false" />
    <farmBehaviorLevel farmBehaviorLevel="4" />
  </microsoft.identityServer.proxyservice>
  <!-- <system.serviceModel>
    <diagnostics>
      <messageLogging logEntireMessage="true"
              logMessagesAtServiceLevel="true"
              logMessagesAtTransportLevel="true">
      </messageLogging>
    </diagnostics>
  </system.serviceModel> -->
</configuration>

The quick way is to replace the file from a backup, if you have one, and restart the service.
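One way to check the file before restoring it or restarting the service, as an added example that is not part of the original post: the script loads the config as XML, reports where parsing fails, confirms the host and trust entries shown in the sample above are present, and copies a good file to a timestamped backup. The backup folder C:\ADFSConfigBackup and the function name Test-ProxyConfig are assumptions.

```powershell
# Added example: validate the AD FS proxy config and back up a known-good copy.
# Config path and element names come from the article; $BackupDir is an assumed location.
param(
    [string]$ConfigPath = 'C:\Windows\ADFS\Config\microsoft.identityServer.proxyservice.exe.config',
    [string]$BackupDir  = 'C:\ADFSConfigBackup'
)

function Test-ProxyConfig {
    param([Parameter(Mandatory)][string]$Path)
    $problems = New-Object System.Collections.Generic.List[string]
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        $problems.Add("File not found: $Path")
        return $problems
    }
    $doc = New-Object System.Xml.XmlDocument
    try {
        $doc.Load($Path)
    } catch {
        # Unwrap to the innermost exception; XmlException text includes line and position.
        $e = $_.Exception
        while ($e.InnerException) { $e = $e.InnerException }
        $problems.Add("Malformed XML: $($e.Message)")
        return $problems
    }
    $section = $doc.SelectSingleNode('/configuration/microsoft.identityServer.proxyservice')
    if ($null -eq $section) {
        $problems.Add('Missing <microsoft.identityServer.proxyservice> section')
        return $problems
    }
    $hostNode  = $section.SelectSingleNode('host')
    $trustNode = $section.SelectSingleNode('trust')
    if ($null -eq $hostNode -or -not $hostNode.GetAttribute('name')) {
        $problems.Add('Missing <host> element or empty name attribute')
    }
    if ($null -eq $trustNode -or -not $trustNode.GetAttribute('thumbprint')) {
        $problems.Add('Missing <trust> element or empty thumbprint attribute')
    }
    return $problems
}

$problems = @(Test-ProxyConfig -Path $ConfigPath)
if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
    exit 1
}
# Only a file that passed the checks is copied, so the backup is known to parse.
New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
$dest = Join-Path $BackupDir ("proxyservice.exe.config.{0}" -f (Get-Date -Format 'yyyyMMdd-HHmmss'))
Copy-Item -LiteralPath $ConfigPath -Destination $dest
Write-Output "Config is well-formed; backup written to $dest"
```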

If the solution above does not work, remove and re-add the AD FS Proxy role and re-establish the trust between AD FS and the proxy. This will regenerate the file and configs. From an administrative PowerShell prompt, run

Remove-WindowsFeature -Name Web-application-proxy
## The above command requires a system reboot. After the reboot, run

Install-WindowsFeature Web-Application-Proxy -IncludeManagementTools

Once the proxy feature is installed, create the trust using the following command

## Local admin credentials on the AD FS server
$cred = Get-Credential

Install-WebApplicationProxy -FederationServiceName "federation.affan.info" -FederationServiceTrustCredential $cred -CertificateThumbprint "<Certificate Thumbprint>"

Done.

