AD FS Access Over Windows Trusts
Applies To: Windows Server 2008
When a Windows trust exists between two Active Directory forests, the user accounts in one forest can access a Windows NT token-based application in another forest, which eliminates the need for resource accounts. Windows trusts enable service administrators to create or extend collaborative relationships between two or more domains or forests.
Events
| Event ID | Source | Message |
|---|---|---|
Microsoft-Windows-ADFS |
The Federation Service encountered an error while attempting to update the Windows trust cache. The Federation Service will continue to use previously cached Windows trust data until the update completes successfully. The next attempt at a cache update will occur in %1 minutes. Retry period: %1 User Action If this error persists, verify that your Windows trust relationships are functional. Additional Data Domain last processed: %2 Native error code: %3 |
|
Microsoft-Windows-ADFS |
The Federation Service encountered an error while attempting to update the Windows trust cache. The Federation Service never successfully built the Windows trust cache. Therefore, tokens that are issued by account partners that use a Windows trust will be rejected until the update completes successfully. The next attempt at a cache update will occur in %1 minutes. Retry period: %1 User Action If this error persists, verify that your Windows trust relationships are functional. Additional Data Domain last processed: %2 Native error code: %3 |