To Be A CyberMan: The 0365 email/ADFS Troubleshooting - Http status 500 error

 To Be A CyberMan: The O365 email/ADFS Troubleshooting - Http status 500 error 

 

0x00: Preview Knowlege

ADFS: Active Directory Federation Services (ADFS) is a Microsoft Single Sign-On (SSO) solution. It provides users with authenticated access to applications that are not capable of using Integrated Windows Authentication (IWA) through Active Directory (AD).

 

Reference:

https://docs.microsoft.com/en-us/windows-server/identity/active-directory-federation-services

 

0x01: Symptoms

Some users reported they were not able to log into the email from Web console, the error shows: HTTP status 500:internal server error

 

0x02: Troubleshooting

  1. We tested some accounts email, The issue only affected some of the user's web-based Outlook applications. So we sent the email to our outlook service provider, got confirmation that the outlook service is working.
  2. From the error message, we can see the error is the internal server, for the O365 outlook, we are using an internal ADFS  authentication server. So we checked the adfs proxy/adfs servers.
  3. We checked the ADFS log Events, found some errors.

、 【 【 OZOZJOLÆ 、 ~ OZOZIO"E 、 【 ~ 0a0U3

  1. The ADFS service was stopped. Restarting it just gave errors as below:

Error 352, ADFS

A SQL operation in the AD FS configuration database with connection string Data Source=np:\\.\pipe\microsoft##wid\tsql\query;Initial Catalog=AdfsConfigurationV3;Integrated Security=True failed.  

  1. According to the error, we did some research, found the resolution.

 

Reference:

https://sysandev.blogspot.com/2019/04/a-sql-operation-in-ad-fs-configuration.html

https://ninjanichols.com/2013/02/ad-fs-2-0-service-fails-to-start/

 

0x03: Resolution

  1. restart “Windows Internal Database” service.
  2. restart the “AD FS 2.0 Windows Service”.

Data Q user Manager V i rtual Disk VPOAp.t W L ogging Sevice Windows Windows e *stem Windows Carnet' Frame W Def Service Windows Drive - Windows Encryption HOA S— Windows Event C W Firewall W F Cache Service WindM (WIA) Wind0M struct mess"es. Of user including COMRt use Manager provides the runtime cornponents required for mum-use "ter•cticn. This is "d If this is stom for disks. volume fik and • mplm-m•nts Cc•pio "d printer driver notifications to user mode cuents. PM of Provide W3C k•ggUtg for Service (MS). service is Hosts o*cts by of Alet M. noes fot Windows - based programs. If this service is stoned devices for the WndOwS AuOO If this service is stopped Windows bio meric gives client applications the to muRiple to video fumes from devices. comect,'discom-rct decisions based on 0m Helps .gainst attempts and Hdps protect from malware and Othe ntentiany .nd manages drive This be stopped. W.ndOwS Encryption Provider Host Service encry*ion related fm to be repotted *hen stop woüin9 or responding and e. This service manages persistent subscriptions to e•vems from remote sources that wpm This "d Wgs. It qwports æts. . Windows helps your by unauthorized Optmize Of by Lßed fort image acquisition for cameras Run rang Run Run R unmng Ai.nom*ic (L Manual AutomMiC Local *stem System Local System Local System Local *stem System Local LOC e Local *Stem LOC Local *Stem Local *stem System Windows Prm-ides intern.' use by Serve. "d

 

0x04: More information

  1. Can check the ADFS token signing certificates on the office365 side, make sure it is not expired. Some times it will only update on the ADFS side and failed to get to Office365.
  2. Check the Event Logs on ADFS Server to get more error information.
  3. Can  try this one as well:
    1. Open PowerShell as an Administrator on the primary ADFS server
    2. run Connect-Msolservice and connect using an Azure administrator account
    3. run Update-MsolFederatedDomain –DomainName xxxx.com
    4.  restart ADFS service

 

 

 

 

Comments

Post a Comment

Popular posts from this blog

To Be A CyberMan: Installing PfSense on a WatchGuard Firebox

Image
OX01 Preface My company recently upgraded its firewall to FortiGate Firewall.  They eliminated 3 of the licenses expired WatchGuard Firebox Firewalls. The WatchGuard FireBox models are XTM5 Series, M400, and M470. I was wondering if I can install the opensource Firewall application such as PfSense on FireBox to use as Testing Lab Environment. 0X02 Information      XTM5 Series comes with a 1GB CF card, free space is not enough for the lastest Pfsense,  need to add additional Hard Disk as PfSense system booting drive.     M400 comes with a 4 GB CF card, can use CF card as a PfSense system booting drive.     M470 comes with mSTAT SSD.  can SSD as a PfSense system booting drive. 0X03 Installing PfSense on M400 1. Preparation:           WatchGuard Firebox M400 Appliance          A USB Flash Drive          A CF Card USB reader          A co...
Read more

How I passed the CSX Fundamentals within one month

Image
  How I passed the CSX Fundamentals within one month Hi Guys, My name is Trevor Shi. I just passed the CSX within one month. I would like to share some experience maybe it will help you guys to prepare the exam. One of the funny things was, I used one month to learn it. But I spent the other one month to book the exam. I re-booked 5 times of exam as ISACA PSI online exam application has lots of issues.  I met every situation you can imagine. The first-time ISACA website down, the second-time they canceled my booked without excuse, the third-time application couldn't open, and the Fourth time was my fault, I just missed the exam. Finally, I got this certificate. We had a small group named CyberRookie, It just like an unorganized cyber knowledge self-studying group, we are trying to be more organized. So t he purpose of this article is as a guideline of the CyberRookie Project CSX certification learning method . A. The Cybersecurity Fundamentals Certific...
Read more