Applies ToWindows Server 2012 R2 Datacenter Windows Server 2012 R2 Standard Windows Server 2012 R2 Essentials Windows Server 2012 R2 Foundation

Symptoms

Multi-Factor Authentication (MFA) fallback authentication fails through the Active Directory Federation Services (ADFS) Proxy.

Cause

This issue occurs because of a hard-coded time-out limit in ADFS proxy code. When the time-out occurs, you are prevented from accessing applications.

Resolution

To fix this issue, install the May 2016 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 (KB3156418).

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

More Information

Configuring time-out exampleFollowing is an example of the Windows Management Instrumentation (WMI) way of updating time-out:

  • Commands to update time-out need to be executed in the elevated PowerShell mode on the proxy computer. The steps are as follows:

    $x=Get-WmiObject -class ProxyService -namespace root/ADFS$x.CongestionControlConnectionTimeout=300$x.put()

  • The example sets time-out to 300 seconds (5 minutes), reflected in C:\windows\adfs\Config\microsoft.proxyservice.config.txt.

Note Always configure connectionTimeoutInSec in C:\windows\adfs\Config\microsoft.proxyservice.config.txt by using WMI as explained above. We don't recommend you configure connectionTimeoutInSec manually. Uninstallation informationIf you uninstall the package, the timeout settings are still in the file. Therefore, when you restart the proxy service, it fails stating that connectionTimeoutInSec (previous entry) is unknown. To fix this, manually remove the connectionTimeoutInSec property from the config file.

References

Learn about the terminology that Microsoft uses to describe software updates.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.