Logo

[SP2013] SharePoint, ADFS and 404 on /_trust/default.aspx

photo

2023年04月07日

[SP2013] SharePoint, ADFS and 404 on /_trust/default.aspx

Those of you who know SharePoint, probably also know those annoying problems you just cannot get your head around. Well today I had one of those problems.

Introduction

I was in the process of configuring ADFS for SharePoint. I’m not going to go into too much detail here because that process is well documented on its own. But following all the steps, I was left with a non-working authentication scheme.

The symptoms

When I opened up SharePoint, I got to the “Sign In” page. That page allows you to select the login provider you want to use. After configuring ADFS, it will list Windows and ADFS (provided you had Windows / NTLM authentication beforehand). I selected the ADFS option and then – after a refresh – got the same page again. Huh?

So I checked with Fiddler and found the following course of events:

302 POST /_login/default.aspx?ReturnUrl=/_layouts/15/Authenticate.aspx?Source=%2F&Source=/
404 GET /_trust/default.aspx?trust=ADFS&ReturnUrl=/_layouts/15/Authenticate.aspx?Source=%2F&Source=/ HTTP/1.1
302 GET /Pages/PageNotFoundError.aspx?requestUrl=https://portal.contoso.com/_trust/default.aspx HTTP/1.1
302 GET /_layouts/15/Authenticate.aspx?Source=/Pages/PageNotFoundError.aspx?requestUrl=https://portal.contoso.com/_trust/default.aspx HTTP/1.1
200 GET /_login/default.aspx?ReturnUrl=/_layouts/15/Authenticate.aspx?Source=%2FPages%2FPageNotFoundError%2Easpx%3FrequestUrl%3Dhttps%3A%2F%2Fportal%2Econtoso%2Ecom%2F%5Ftrust%2Fdefault%2Easpx&Source=/Pages/PageNotFoundError.aspx?requestUrl=https://portal.contoso.com/_trust/default.aspx HTTP/1.1 

 

There are two important things to notice here:

  1. There is no call to ADFS whatsoever, all URL’s pointed towards SharePoint
  2. Line 2 shows a 404 error on the /_trust URL

Finding the problem

I did several things trying to find out what was going wrong. First I checked the ULS logs, which didn’t reveal anything out of the ordinary. Then the IIS logs, same thing. The logging was consistent with what was happening. Then I double checked all of my configuration, which all seemed to be fine. So what the hell was wrong then?

The 404 indicates a page not found of course. Initially I thought SharePoint was throwing this error because of a fault in the configuration or something. I had checked quickly to see if the /_trust folder was on disk, which is was. For reference, that folder should be in your virtual directory path of IIS.

What the problem was

I mentioned I had checked quickly, and that was why I initially didn’t see the issue. I had two IIS web sites running for this web application; one for port 80 and one SSL secured one on port 443. Check out the folder view of both:

adfsissue_folders

Notice that the first one (port 80) has the _trust folder, but the second one (443) didn’t! So that 404 error was a pretty accurate one. But why the hell would that folder be missing? I honestly have no clue.

What I did to fix it

So how do you fix a missing virtual folder in IIS? I first tried running the configuration wizard again, which usually reprovisions some stuff, that didn’t helpt. I then tried stopping and starting the “SharePoint Web Applications” service, which basically does a reprovision of everything in IIS. I made sure everything was deleted and then recreated, but weirdly that did not fix it either. So I ended up with removing the web site complete from within Central Administration and then recreating it.

adfsissue_remove

And there it was! The /_trust folder appeared in IIS and all of my problems melted like snow before the summer sun. I still don’t exactly know why this went wrong, but at least the above is quite an easy fix for when it does go wrong.

, ,

橙子主题打折出售

其实我不卖,主要是这里是放广告的,所以就放了一个
毕竟主题都没做完,卖了也是坑.

购买它
本文为原创文章,请注意保留出处!

热门文章

Windows Server IIS+ARR反向代理(配置反向代理服务器) 1.概念说明:反向代理反向代理服务器位于用户与目标服务器之间,但是对于用户而言,反向代理服务器就相...WindowsServerIIS+ARR反向代理(配置反向代理服务器) 作者:Pastore Antonio
1618 浏览量
ffmpeg 生成水印 1:先要配置ffmpeg的滤镜:参考:https://www.jianshu.com/p/9d24...ffmpeg生成水印 作者:Pastore Antonio
1527 浏览量
Navicat Premium 12.0.22 安装与破解 一、安装  NavicatPremium12.0.22的下载链接:https://pan.ba...NavicatPremium12.0.22安装与破解 作者:Pastore Antonio
1472 浏览量
谷歌浏览器扩展程序报错 The message port closed before a response was received. 问题描述ChromeExtension报错:Uncheckedruntime.lastEr...谷歌浏览器扩展程序报错Themessageportclosedbeforearesponsewasreceived. 作者:Pastore Antonio
1463 浏览量
天地光阴,唯深情可依 如果光阴把一切席卷而去,最后剩下的,一定是一抹幽兰。如果爱情把一切席卷而去,最后留下的,也定是带着蓝色记忆的最初的心动。 作者:Pastore Antonio
1460 浏览量