Skip to content
Tags

, , , ,

Unable to start the AD FS 2.0 Windows service due to service timeout

July 29, 2013

During ADFS configuration (or service restart), ‘AD FS 2.0 Windows Service’ may fail to start with the following error:

Unable to start the AD FS 2.0 Windows service. Check Event Viewer for details.

2013.07.29_adfs_timeout_1

The following errors are written to the System log:

Log Name:      System
Source:        Service Control Manager
Event ID:      7009
Level:         Error
Keywords:      Classic
Description:
A timeout was reached (30000 milliseconds) while waiting for the AD FS 2.0 Windows Service service to connect.

2013.07.29_adfs_timeout_2

Log Name:      System
Source:        Service Control Manager
Event ID:      7000
Level:         Error
Keywords:      Classic
Description:
The AD FS 2.0 Windows Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

2013.07.29_adfs_timeout_3

The problem is caused by a lack of Internet access on your ADFS and/or ADFS Proxy Servers. During service startup, your ADFS and ADFS Proxy servers attempt to communicate with the Microsoft Certificate Revocation List at crl.microsoft.com. Failure to communicate with crl.microsoft.com can (but doesn’t always) cause the service to timeout.

You can easily verify this on your ADFS Proxy Servers by browsing to both http://{adfs_server_or_cluster} and https://{adfs_server_or_cluster}. You should find the https secure page takes much longer to load.


Resolution:

The easiest way to resolve is to configure your ADFS and ADFS Proxy Servers with outbound Internet access. This can either be direct access or through a web proxy server if necessary.

If you absolutely cannot give your ADFS or ADFS Proxy Servers outbound Internet access, even through a web proxy, then refer to this TechNet article for alternative workarounds.

Advertisements
Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: