Points to Remember

You can use these items to troubleshoot your problems.

Verify that the time is synchronized across all components.
- Use NTP.
- Compare the timestamp on any Workspace ONE Access errors with the current time on the AD FS servers.
Log in to the AD FS Server and check the AD FS logs in the Event Viewer/Application and Services Logs/AD FS/.
Verify if you can access https://<ADFSserver>/ADFS/ls/IdpInitiatedSignOn.aspx. If you do not, then log in to AD FS Server and run the following in PowerShell as an administrator:
- ```
Set-AdfsProperties - EnableIdPInitiatedSignonPage $true
```
- Verify by running Get-AdfsProperties and check if the value has been changed to True.
Verify that the AD FS service account has Read permissions to the AD FS certificate in use.