Symptom: After configuring AD FS, you try to connect to an endpoint, e.g.
“……adfs/services/trust/13/usernamemixed”
and you get the following error message: “HTTP Error 503. The service is unavailable.”
However, the endpoint appears as enabled in AD FS.
Reason: If you look at the AD FS event log on the AD FS machine, you might see the following error, logged when the AD FS service was started:
There was an error in enabling endpoints of Federation Service. Fix configuration errors using PowerShell cmdlets and restart the Federation Service.
Exception details:
System.Net.HttpListenerException (0x80004005): The process cannot access the file because it is being used by another process
at System.Net.HttpListener.AddAllPrefixes()
at System.Net.HttpListener.Start()
at Microsoft.IdentityServer.WebHost.HttpListenerBase.Start(UInt32 contextPoolSize)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.Start()
at Microsoft.IdentityServer.ServiceHost.STSService.OnStartInternal(Boolean requestAdditionalTime)
Resolution: The usual port on which AD FS runs is busy. You can address this issue by changing the port number for the AD FS service with the following steps:
- Open a PowerShell command prompt.
- Enter the command: Set-ADFSProperties -nettcpport 444 (you can select any available port).
- Restart the AD FS service.
Now if you try to connect to the endpoint programmatically, it should work fine.
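Before moving AD FS to another port, it helps to confirm which port is actually contested and which process holds it. The following is an added example, not part of the original post: it reads the ports AD FS is configured to use and reports the listener on each. It assumes an elevated PowerShell session on the AD FS server, Windows Server 2012 R2 or later (for the ADFS module and Get-NetTCPConnection); the variable and column names are illustrative.

```powershell
# Added example: map each AD FS port setting to the process listening on it.
Import-Module ADFS

$props = Get-AdfsProperties
$ports = [ordered]@{
    HttpPort   = $props.HttpPort
    HttpsPort  = $props.HttpsPort
    NetTcpPort = $props.NetTcpPort
}

$report = foreach ($name in $ports.Keys) {
    $port = $ports[$name]
    if (-not $port) { continue }   # setting not populated on this server

    $listeners = Get-NetTCPConnection -LocalPort $port -State Listen -ErrorAction SilentlyContinue
    if (-not $listeners) {
        [pscustomobject]@{ Setting = $name; Port = $port; Address = $null
                           OwnerPid = $null; Process = '(nothing listening)' }
        continue
    }
    foreach ($l in $listeners) {
        $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Setting  = $name
            Port     = $port
            Address  = $l.LocalAddress
            OwnerPid = $l.OwningProcess
            # PID 4 (System) means HTTP.sys holds the socket on behalf of
            # whichever service registered a URL prefix on that port.
            Process  = if ($l.OwningProcess -eq 4) { 'System (HTTP.sys)' }
                       else { $proc.ProcessName }
        }
    }
}
$report | Format-Table -AutoSize

# If HTTP.sys owns a port, list its request queues and registered URL
# prefixes to see which service claimed the prefix AD FS wants.
if ($report.OwnerPid -contains 4) {
    netsh http show servicestate view=requestq
}
```

A listener owned by an unexpected process on one of these ports is the conflict reported in the event log; record what it is before changing the AD FS port, so that the new port is chosen deliberately and any firewall rules are updated to match.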
Great solution! Thanks