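【Posted】: 2015-08-28 11:36:09
【Problem description】:
I am trying to configure SSO via ADFS for Office 365 and my virtual machine (Windows Server 2012 R2), using AD DC. ADFS is installed on my VM. My VM is behind a router, and I have forwarded ports to my VM, in particular ports 80, 443 and 5985.
I have successfully installed the latest updates for Windows Server 2012 R2 and the individual updates for ADFS (specifically KB3018886, KB3020773, KB3025078, KB3033917, KB3035025, KB3052122).
I created an additional UPN suffix in my AD.
I use the following script to achieve my goal.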
clear-host
$ErrorActionPreference = "Stop"
$adfsServerAddress = "example.com"
$domainName = "example.com"
$cred = Get-Credential -Message "Enter a Global Administrator account from Office 365"
Write-Host "Connecting to Microsoft Online Services with the credential" -foreground Green
Connect-MsolService -Credential $cred
Enable-PSRemoting -Force
Write-Host "Setting of the MSOL ADFS Context server to the ADFS server" -foreground Green
Set-MsolADFSContext -Computer $adfsServerAddress -logfile c:\log.txt
Write-Host "Converting of the domain to a federated domain" -foreground Green
Convert-MsolDomainToFederated -DomainName $domainName
Write-Host "Verifying federation" -foreground Green
Get-MsolFederationProperty -DomainName $domainName
In my case, the UPN suffix, $adfsServerAddress and $domainName are the same. The script is run on my VM.
The script fails at the Set-MsolADFSContext cmdlet. The error message is
Set-MsolADFSContext : The connection to example.com Active Directory
Federation Services 2.0 server failed due to invalid credentials.
At C:\Users\Administrator\Desktop\Office 365 ADFS configuration.ps1:16 char:1
+ Set-MsolADFSContext -Computer $adfsServerAddress -logfile c:\log.txt
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Set-MsolADFSContext], Fed
erationException
+ FullyQualifiedErrorId : ConnectionToGenevaServerFailed,Microsoft.Online.
Identity.Federation.Powershell.ContextCredentialsCommand
I have the following log.
8/28/2015 3:47:38 AM Command Set-MsolADFSContext invoked.
8/28/2015 3:47:38 AM Creating ADFS Server PS session.
8/28/2015 3:47:38 AM ContextCredentialsCommand:CreatePowerShellSessionToGenevaServer: Invoked.
8/28/2015 3:47:38 AM Creating PS session to 'example.com' ADFS server
8/28/2015 3:47:38 AM Connect using current logged-on user creds.
8/28/2015 3:47:38 AM Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:47:38 AM Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:47:38 AM Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:47:39 AM System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:47:39 AM fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:47:39 AM Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:47:39 AM Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:47:39 AM Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:47:40 AM Going to sleep mode for 1000 milliseconds before reattempt - 2
8/28/2015 3:47:41 AM Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:47:41 AM Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:47:41 AM Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:47:42 AM System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:47:42 AM fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:47:42 AM Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:47:42 AM Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:47:42 AM Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:47:42 AM Going to sleep mode for 2000 milliseconds before reattempt - 3
8/28/2015 3:47:44 AM Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:47:44 AM Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:47:44 AM Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:47:45 AM System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:47:45 AM fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:47:45 AM Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:47:45 AM Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:47:45 AM Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:47:45 AM Failure after too many retry attempts...
8/28/2015 3:47:45 AM Wrong credentials to ADFS Server connection, attempt #'1'
8/28/2015 3:47:45 AM Prompting the user for 'example.com' ADFS Server creds.
8/28/2015 3:47:45 AM ContextCredentialsCommand:GetServerCredentials: Invoked.
8/28/2015 3:47:55 AM Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:47:55 AM Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:47:55 AM Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:47:56 AM System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:47:56 AM fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:47:56 AM Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:47:56 AM Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:47:56 AM Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:47:56 AM Going to sleep mode for 1000 milliseconds before reattempt - 2
8/28/2015 3:47:57 AM Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:47:57 AM Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:47:57 AM Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:47:58 AM System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:47:58 AM fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:47:58 AM Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:47:58 AM Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:47:58 AM Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:47:58 AM Going to sleep mode for 2000 milliseconds before reattempt - 3
8/28/2015 3:48:00 AM Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:48:00 AM Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:48:00 AM Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:48:01 AM System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:48:01 AM fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:48:01 AM Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:48:01 AM Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:48:01 AM Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:48:01 AM Failure after too many retry attempts...
8/28/2015 3:48:01 AM Wrong credentials to ADFS Server connection, attempt #'2'
8/28/2015 3:48:01 AM Prompting the user for 'example.com' ADFS Server creds.
8/28/2015 3:48:01 AM ContextCredentialsCommand:GetServerCredentials: Invoked.
8/28/2015 3:48:17 AM Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:48:17 AM Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:48:17 AM Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:48:18 AM System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:48:18 AM fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:48:18 AM Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:48:18 AM Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:48:18 AM Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:48:18 AM Going to sleep mode for 1000 milliseconds before reattempt - 2
8/28/2015 3:48:19 AM Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:48:19 AM Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:48:19 AM Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:48:20 AM System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:48:20 AM fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:48:20 AM Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:48:20 AM Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:48:20 AM Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
...
8/28/2015 3:48:23 AM Failure after too many retry attempts...
8/28/2015 3:48:23 AM Wrong credentials to ADFS Server connection, attempt #'3'
As we can see, we get the same error on all attempts
Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
I tried running "winrm quickconfig" and got the following result:
WinRM service is already running on this machine.
WinRM is already set up for remote management on this computer.
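I got the same result from the "Enable-PSRemoting -Force" command.
During the execution of Set-MsolADFSContext, it asks for the credentials for example.com twice. I entered a valid credential.
In Event Viewer I have records like
A logon was attempted using explicit credentials.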
Subject:
Security ID: WMDOMAIN\Administrator
Account Name: Administrator
Account Domain: WMDOMAIN
Logon ID: 0x10EF8F6
Logon GUID: {59d6d6bb-ed3f-ef6b-d744-b8a45aa4fa64}
Account Whose Credentials Were Used:
Account Name: administrator
Account Domain: WMDOMAIN
Logon GUID: {00000000-0000-0000-0000-000000000000}
Target Server:
Target Server Name: example.com
Additional Information: HTTP/example.com
Process Information:
Process ID: 0x2208
Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Network Information:
Network Address: -
Port: -
This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
I don't know what else to do. Please help.
【Discussion】:
Tags: sharepoint single-sign-on office365 adfs
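Added example (not part of the original post): a PowerShell triage of the trace that Set-MsolADFSContext writes with -logfile, counting the WinRM transport errors separately from the "Wrong credentials" entries that follow the retries. The helper name Get-MsolAdfsLogTriage and the abridged sample lines are constructed for illustration, and the "Access is denied" pattern is an assumption about how a rejected logon would appear in this trace.

```powershell
# Added example; Get-MsolAdfsLogTriage is a hypothetical helper, not part of the MSOnline module.
function Get-MsolAdfsLogTriage {
    param([Parameter(Mandatory = $true)][AllowEmptyString()][string[]]$Line)

    # Log entries start with "M/D/YYYY h:mm:ss AM|PM"; stack-trace lines do not and are skipped.
    $entry     = '^\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M (?<msg>.*)$'
    # Count only the raw transport exception, not the "Command failed:" line that repeats its text.
    $transport = '^System\.Management\.Automation\.Remoting\.PSRemotingTransportException: (?<text>.*)$'

    $endpoints = New-Object 'System.Collections.Generic.HashSet[string]'
    $authTypes = New-Object 'System.Collections.Generic.HashSet[string]'
    $opens = 0; $unreachable = 0; $denied = 0; $otherErrors = 0; $rejections = 0

    foreach ($l in $Line) {
        if ($l -notmatch $entry) { continue }
        $msg = $Matches['msg']

        if ($msg -match 'AuthenticationType:(?<auth>\w+)') {
            [void]$authTypes.Add($Matches['auth'])
        }
        elseif ($msg -match "^Opening runspace to '(?<uri>[^']+)'") {
            $opens++
            [void]$endpoints.Add($Matches['uri'])
        }
        elseif ($msg -match $transport) {
            $text = $Matches['text']   # copy before the next -match overwrites $Matches
            if     ($text -match 'cannot connect to the destination') { $unreachable++ }
            elseif ($text -match 'Access is denied')                  { $denied++ }   # assumed wording
            else                                                      { $otherErrors++ }
        }
        elseif ($msg -match '^Wrong credentials to ADFS Server connection') {
            $rejections++
        }
    }

    $verdict = if ($opens -gt 0 -and $unreachable -eq $opens) {
        'Connection-level failure on every attempt: check the WinRM listener and the route to the URI, not the password'
    } elseif ($denied -gt 0) {
        'Endpoint reached but logon rejected: check the account used for the remote session'
    } else {
        'Mixed or unrecognised errors: read the individual entries'
    }

    [pscustomobject]@{
        Endpoints            = @($endpoints)
        AuthenticationTypes  = @($authTypes)
        OpenAttempts         = $opens
        Unreachable          = $unreachable
        AccessDenied         = $denied
        OtherTransportErrors = $otherErrors
        CredentialRejections = $rejections
        Verdict              = $verdict
    }
}

# Constructed sample: lines abridged from the log format shown in the question.
$sampleLog = @'
8/28/2015 3:47:38 AM Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman
8/28/2015 3:47:38 AM Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:47:39 AM System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request.
   at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
8/28/2015 3:47:39 AM Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:47:41 AM Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:47:42 AM System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request.
8/28/2015 3:47:45 AM Failure after too many retry attempts...
8/28/2015 3:47:45 AM Wrong credentials to ADFS Server connection, attempt #'1'
'@ -split "\r?\n"

Get-MsolAdfsLogTriage -Line $sampleLog | Format-List

# For the full trace from the question's script: Get-MsolAdfsLogTriage -Line (Get-Content c:\log.txt)
```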