Article ID: 2707355 - View products that this article applies to.
After you run the Microsoft Online Services Diagnostics and Logging (MOSDAL) Support Toolkit, the Active Directory Federation Services (AD FS) diagnostics log contains the following error message:
Note The AD FS diagnostics log is located at \Admin_Applications\SSO_Diagnostic_Tests\ADFSDiagnostic.txt.
The Username/Password authentication endpoint is missing from the Metadata Exchange (MEX) document that is published by the federation server proxy.
Additionally, you may notice one of the following symptoms when you sign in to your Microsoft cloud service such as Office 365, Windows Azure, or Windows Intune by using a federated account:
This issue may occur if the usernamemixed service endpoint is disabled in the on-premises AD FS Federation.
To resolve this issue, makes sure that the AD FS service endpoints are set to support single sign-on (SSO) authentication. For more information about how to do this, see the following Microsoft Knowledge Base article:
2712957After you update the service endpoints, make sure that the AD FS service endpoint configuration metadata is updated to the Windows Azure Active Directory (Windows Azure AD) authentication system. For more information about how to do this, see the "How to update the configuration of the Office 365 federated domain" section in the following Microsoft Knowledge Base article:
(http://support.microsoft.com/kb/2712957/ )SSO authentication to Office 365 fails after you change AD FS service endpoint settings in the AD FS Management Console
(http://support.microsoft.com/kb/2647048/ )How to update or to repair the configuration of the Office 365 federated domain
Still need help? Go to the Office 365 Community
(http://community.office365.com/)website or the Windows Azure Active Directory Forums
Article ID: 2707355 - Last Review: October 31, 2013 - Revision: 13.0