You can use these items to troubleshoot your problems.
- Verify that the time is synchronized across all components.
- Use NTP.
- Compare the timestamp on any Workspace ONE Access errors with the current time on the AD FS servers.
- Log in to the AD FS Server and check the AD FS logs in the Event Viewer/Application and Services Logs/AD FS/.
- Verify if you can access https://<ADFSserver>/ADFS/ls/IdpInitiatedSignOn.aspx. If you do not, then log in to AD FS Server and run the following in PowerShell as an administrator:
-
Set-AdfsProperties - EnableIdPInitiatedSignonPage $true
- Verify by running
Get-AdfsProperties
and check if the value has been changed toTrue
.
-
- Verify that the AD FS service account has Read permissions to the AD FS certificate in use.