MailExchange ADFS Authentication Errors

Occasional Visitor

I have issue with ADFS authentication on My exchange server. The problem encountered in the ADFS 3.0 of the window server 2012 and exchange server 2013 cu22.

i have 3 server:

1 vm x ADDS
1 vm x ADFS
1 vm x adfs (lan)

Because web application proxy is optional, so in my dev enviroment I don't use web application proxy server.
I followed the below instruction link to config AD FS claims-based authentication with Outlook Web App and EAC:

https://docs.microsoft.com/en-us/exchange/using-ad-fs-claims-based-authentication-with-outlook-web-a...
In my web browser (Chrome, Firefox), I sign in OWA, response returns the http error 401. I try to sign in EAC by type my username (domain\user) and password, EAC show message "An error occurred. Contact your administrator for more information". I check event viewer of Exchange Server, there are no errors in event viewer. I check event viewer of ADFS server, the following error was reported:
ncountered error during federation passive request.

Additional Data

Protocol Name:
wsfed

Relying Party:
https://mailsrv.contoso.com/ecp/

Exception details:
Microsoft.IdentityServer.Web.InvalidRequestException: MSIS7042: The same client browser session has made '6' requests in the last '1' seconds. Contact your administrator for details.
at Microsoft.IdentityServer.Web.Protocols.PassiveProtocolHandler.UpdateLoopDetectionCookie(WrappedHttpListenerContext context)
at Microsoft.IdentityServer.Web.Protocols.WSFederation.WSFederationProtocolHandler.SendSignInResponse(WSFederationContext context, MSISSignInResponse response)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)

I already search in google about error MSIS7042 but nothing can solve my problem.
Any idea to help me?
Thank for your help.

0 Replies