Single sign-on (SSO) for Office 365 (SharePoint Online) using ADFS

3
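I am trying to configure SSO for Office 365 using ADFS. My virtual machine (Windows Server 2012 R2) is used together with an AD DC. ADFS is installed on my virtual machine. My virtual machine is behind a router, and I have forwarded ports to my virtual machine, specifically ports 80, 443 and 5985.
I have successfully installed the latest updates for Windows Server 2012 R2 as well as individual updates for ADFS (specifically KB3018886, KB3020773, KB3025078, KB3033917, KB3035025, KB3052122).
I have created an additional UPN suffix in my AD.
I use the following script to achieve my goal.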
clear-host

$ErrorActionPreference = "Stop"

$adfsServerAddress = "example.com"
$domainName = "example.com"

$cred = Get-Credential -Message "Enter a Global Administrator account from Office 365"

Write-Host "Connecting to Microsoft Online Services with the credential" -foreground Green
Connect-MsolService -Credential $cred

Enable-PSRemoting -Force

Write-Host "Setting of the MSOL ADFS Context server to the ADFS server" -foreground Green
Set-MsolADFSContext -Computer $adfsServerAddress -logfile c:\log.txt

Write-Host "Converting of the domain to a federated domain" -foreground Green
Convert-MsolDomainToFederated -DomainName $domainName

Write-Host "Verifying federation" -foreground Green
Get-MsolFederationProperty -DomainName $domainName

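In my case, the UPN suffix, $adfsServerAddress and $domainName are the same. The script is running on my virtual machine.
The script fails on the Set-MsolADFSContext command. The error message is: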
Set-MsolADFSContext : The connection to example.com Active Directory
Federation Services 2.0 server failed due to invalid credentials.
At C:\Users\Administrator\Desktop\Office 365 ADFS configuration.ps1:16 char:1
+ Set-MsolADFSContext -Computer $adfsServerAddress -logfile c:\log.txt
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Set-MsolADFSContext], Fed
   erationException
    + FullyQualifiedErrorId : ConnectionToGenevaServerFailed,Microsoft.Online.
   Identity.Federation.Powershell.ContextCredentialsCommand

I have the following log entries.
8/28/2015 3:47:38 AM    Command Set-MsolADFSContext invoked.
8/28/2015 3:47:38 AM    Creating ADFS Server PS session.
8/28/2015 3:47:38 AM    ContextCredentialsCommand:CreatePowerShellSessionToGenevaServer: Invoked.
8/28/2015 3:47:38 AM    Creating PS session to 'example.com' ADFS server
8/28/2015 3:47:38 AM    Connect using current logged-on user creds.
8/28/2015 3:47:38 AM    Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:47:38 AM    Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:47:38 AM    Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:47:39 AM    System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:47:39 AM    fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:47:39 AM    Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
   at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:47:39 AM    Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:47:39 AM    Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:47:40 AM    Going to sleep mode for 1000 milliseconds before reattempt - 2
8/28/2015 3:47:41 AM    Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:47:41 AM    Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:47:41 AM    Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:47:42 AM    System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:47:42 AM    fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:47:42 AM    Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
   at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:47:42 AM    Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:47:42 AM    Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:47:42 AM    Going to sleep mode for 2000 milliseconds before reattempt - 3
8/28/2015 3:47:44 AM    Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:47:44 AM    Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:47:44 AM    Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:47:45 AM    System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:47:45 AM    fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:47:45 AM    Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
   at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:47:45 AM    Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:47:45 AM    Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:47:45 AM    Failure after too many retry attempts...
8/28/2015 3:47:45 AM    Wrong credentials to ADFS Server connection, attempt #'1'
8/28/2015 3:47:45 AM    Prompting the user for 'example.com' ADFS Server creds.
8/28/2015 3:47:45 AM    ContextCredentialsCommand:GetServerCredentials: Invoked.
8/28/2015 3:47:55 AM    Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:47:55 AM    Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:47:55 AM    Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:47:56 AM    System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:47:56 AM    fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:47:56 AM    Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
   at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:47:56 AM    Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:47:56 AM    Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:47:56 AM    Going to sleep mode for 1000 milliseconds before reattempt - 2
8/28/2015 3:47:57 AM    Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:47:57 AM    Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:47:57 AM    Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:47:58 AM    System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:47:58 AM    fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:47:58 AM    Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
   at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:47:58 AM    Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:47:58 AM    Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:47:58 AM    Going to sleep mode for 2000 milliseconds before reattempt - 3
8/28/2015 3:48:00 AM    Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:48:00 AM    Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:48:00 AM    Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:48:01 AM    System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:48:01 AM    fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:48:01 AM    Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
   at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:48:01 AM    Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:48:01 AM    Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:48:01 AM    Failure after too many retry attempts...
8/28/2015 3:48:01 AM    Wrong credentials to ADFS Server connection, attempt #'2'
8/28/2015 3:48:01 AM    Prompting the user for 'example.com' ADFS Server creds.
8/28/2015 3:48:01 AM    ContextCredentialsCommand:GetServerCredentials: Invoked.
8/28/2015 3:48:17 AM    Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:48:17 AM    Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:48:17 AM    Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:48:18 AM    System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:48:18 AM    fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:48:18 AM    Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
   at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:48:18 AM    Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:48:18 AM    Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
8/28/2015 3:48:18 AM    Going to sleep mode for 1000 milliseconds before reattempt - 2
8/28/2015 3:48:19 AM    Runspace Connection info: Scheme:http Port:5985, AuthenticationType:Default Uri:example.com AppName:wsman, Shell:http://schemas.microsoft.com/powershell/Microsoft.PowerShell
8/28/2015 3:48:19 AM    Connection Uri: http://example.com:5985/wsman/
8/28/2015 3:48:19 AM    Opening runspace to 'http://example.com:5985/wsman/'
8/28/2015 3:48:20 AM    System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
8/28/2015 3:48:20 AM    fullyQualifiedErrorId: System.Management.Automation.Remoting.PSRemotingDataStructureException
8/28/2015 3:48:20 AM    Command failed: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException: Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.ParseAndThrowErrorRecord(ErrorRecord errorRecord, String overRideErrorId)
   at Microsoft.Online.Identity.Federation.Powershell.PowerShellSession.VerifyAndReconnectRunSpacePool()
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.OpenToGenevaServer(PSCredential serverCredential)
   at Microsoft.Online.Identity.Federation.Powershell.ContextCredentialsCommand.<>c__DisplayClass2.<CreatePowerShellSessionToGenevaServer>b__0()
   at Microsoft.Online.Identity.Federation.Powershell.Utility.InvokeOperationWithRetry(Action operation, Type exceptionType, String errorId, Int32 retryCount, Int32 retryWaitTimeInMilliseconds)
8/28/2015 3:48:20 AM    Retry errorId: ConnectionToGenevaServerFailed
8/28/2015 3:48:20 AM    Retry exception: Microsoft.Online.Identity.Federation.Powershell.IdentityFederationException
...
8/28/2015 3:48:23 AM    Failure after too many retry attempts...
8/28/2015 3:48:23 AM    Wrong credentials to ADFS Server connection, attempt #'3'

As we can see, the same error occurs on every attempt.

Connecting to remote server example.com failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic.

I tried running the "winrm quickconfig" command, with the following result:

WinRM service is already running on this machine.
WinRM is already set up for remote management on this computer.

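I have the same problem with the "Enable-PSRemoting -Force" command.

While Set-MsolADFSContext is executing, it asks for credentials for example.com twice. I entered valid credentials.

In Event Viewer I have the following record: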

A logon was attempted using explicit credentials.

Subject:
    Security ID:        WMDOMAIN\Administrator
    Account Name:       Administrator
    Account Domain:     WMDOMAIN
    Logon ID:       0x10EF8F6
    Logon GUID:     {59d6d6bb-ed3f-ef6b-d744-b8a45aa4fa64}

Account Whose Credentials Were Used:
    Account Name:       administrator
    Account Domain:     WMDOMAIN
    Logon GUID:     {00000000-0000-0000-0000-000000000000}

Target Server:
    Target Server Name: example.com
    Additional Information: HTTP/example.com

Process Information:
    Process ID:     0x2208
    Process Name:       C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Network Information:
    Network Address:    -
    Port:           -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials.  This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.

I don't know what else to do. Please help.

1 Answer

1

The ADFS host must be able to resolve $adfsServerAddress. I just added a record to the hosts file and the problem went away.
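
An added example (not part of the original question or answer): a pre-flight check that separates the name-resolution failure described in the answer from a WinRM transport failure, before Set-MsolADFSContext is called and reports "invalid credentials". Test-AdfsContextTarget is a hypothetical helper name; example.com and port 5985 are the values shown in the question's log.

```powershell
# Added example. Test-AdfsContextTarget is a hypothetical helper, not an MSOnline cmdlet.
function Test-AdfsContextTarget {
    param(
        [Parameter(Mandatory = $true)][string]$ComputerName,
        [int]$Port = 5985   # WinRM over HTTP, the port seen in the question's log
    )

    $result = [ordered]@{
        ComputerName = $ComputerName
        Addresses    = @()
        TcpReachable = $false
        WsManReplied = $false
        FailedStep   = $null
    }

    # Step 1: resolve the name through the system resolver, which honours the
    # local hosts file (the fix described in the answer).
    try {
        $result.Addresses = @([System.Net.Dns]::GetHostAddresses($ComputerName) |
            ForEach-Object { $_.IPAddressToString })
    } catch {
        $result.FailedStep = 'NameResolution'
        return [pscustomobject]$result
    }

    # Step 2: check that the resolved address accepts TCP connections on the WinRM port.
    $result.TcpReachable = [bool](Test-NetConnection -ComputerName $ComputerName -Port $Port `
        -InformationLevel Quiet -WarningAction SilentlyContinue)
    if (-not $result.TcpReachable) {
        $result.FailedStep = 'TcpConnect'
        return [pscustomobject]$result
    }

    # Step 3: send an unauthenticated WS-Management Identify request.
    # A reply means the listener is up, so any later failure really is about credentials.
    try {
        Test-WSMan -ComputerName $ComputerName -Port $Port -ErrorAction Stop | Out-Null
        $result.WsManReplied = $true
    } catch {
        $result.FailedStep = 'WsManIdentify'
    }

    return [pscustomobject]$result
}

$adfsServerAddress = "example.com"   # value from the question's script
$check = Test-AdfsContextTarget -ComputerName $adfsServerAddress
$check | Format-List

if ($check.FailedStep) {
    # Stop here instead of letting Set-MsolADFSContext retry and prompt for credentials.
    throw "Pre-flight check for '$adfsServerAddress' failed at step: $($check.FailedStep)"
}
# Set-MsolADFSContext -Computer $adfsServerAddress would follow at this point.
```

The Addresses field shows which IP the name resolves to on this machine, which is what changes when a hosts record is added.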


Page content provided by Stack Overflow.