Event ID 102 — Windows NT Token-Based Application Malformed Requests
Applies To: Windows Server 2008
Web Agent for Windows NT Token-Based Applications Malformed Requests logs token requests, session cookies, and sign-in requests that are associated with the Windows token-based agent. Malformed Requests also provides information about protocol requests that are made to the AD FS Web Agent and client cookies, and it records any sign-on issues.
Event Details
Product: | Windows Operating System |
ID: | 102 |
Source: | Microsoft-Windows-ADFS |
Version: | 6.0 |
Symbolic Name: | WSEXT_AUTH_DATA_FAILURE |
Message: | The AD FS Web Agent for Windows NT token-based applications was unable to authenticate a client token. User Action Look for additional events in the application log and the security log that may contain more details. Consider enabling failure auditing on this Web server if auditing is not already enabled. |
Resolve
Look for additional events in log files for more details
Consider enabling failure auditing for the Windows NT token-based application to obtain more information about the issue.
To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.
To enable failure auditing for a Windows NT token-based application:
- On the AD FS-enabled Web server, open Regedit. Click Start, click Run, type regedit, and then click OK.
- Navigate to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ifssvc.
- Right-click Parameters, click New, and then click DWORD Value.
- In the new value file name box, type ADFSEvent, and then press Enter.
- Double-click the new entry, and then in Value data, type 8, and then click OK to enable failure auditing.
Verify
Verify that you can access the Active Directory Federation Services (AD FS)-enabled application from a client browser and that the resource can be accessed with the appropriate authorization.