\n
![\"AD](\"http:\/\/blog.hosebei.ch\/wp-content\/uploads\/2016\/04\/adfs_wapinstall01.png\")
<\/a>\nWith Text:
\n\u200eUnable to retrieve proxy configuration data from the Federation Service.
\nAdditional Data
\nTrust Certificate Thumbprint:
\n3CD8F7C4697ED510546F74C25B4FD4F8C183CE34 <\/p>\n
Status Code:
\nUnauthorized
\nException details:
\nSystem.Net.WebException: The remote server returned an error: (401) Unauthorized.
\n at System.Net.HttpWebRequest.GetResponse()
\n at Microsoft.IdentityServer.Management.Proxy.StsConfigurationProvider.GetStsProxyConfiguration()
\n—- End Snip—
\nI was quite sure, that I had everything quite well configured, and that I was using the correct certificate.<\/p>\n
With the Error (401) Unauthorized, I thought it might be an issue with the account required to connect to the ADFS Farm, but this wasn’t the case. I found this Blog<\/a> that tells to check and Enable Device Registration Service in some circumstances, but I had this feature already activated. Hope this helps someone else<\/p>\n","protected":false},"excerpt":{"rendered":" Hi, today I faced the issue, that when I tried to install my Web Application Proxy for ADFS, it permanently fails with the Event ID 422: With Text: \u200eUnable to retrieve proxy configuration data from the Federation Service. Additional Data Trust Certificate Thumbprint: 3CD8F7C4697ED510546F74C25B4FD4F8C183CE34 Status Code: Unauthorized Exception details: System.Net.WebException: The remote server returned an […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,3,7,17],"tags":[],"class_list":["post-2234","post","type-post","status-publish","format-standard","hentry","category-active-directory","category-adfs","category-azure-ad","category-emm"],"_links":{"self":[{"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/posts\/2234","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2234"}],"version-history":[{"count":0,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=\/wp\/v2\/posts\/2234\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2234"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2234"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.hosebei.ch\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2234"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nSo, time to shine, because I had this Installation already up and running, and was wondering why I could not create the Trust between the Web Application Proxy and the AD FS Farm.
\nI then checked the ADFS Service properties and recognized, that there was an http address used:
\n<\/a>
\nSo port 80 would be required to open to the Farm from the Proxy Servers.
\nAfter I have added this rule to the Firewall, the WAP could be federated easily and worked afterwards as expected. I still wonder why this worked before, or if I have changed something on the Firewall in advance of this issue.<\/p>\n