We are facing a problem during ADFS 3.0 (Windows Server 2012 R2), because we do not find a suitable URL for hardware Load Balancer probe to test ADFS nodes.
When tried with IE browser, the URL https://sts.adfs1.ad/adfs/ls/IdpInitiatedSignon.aspx properly results in ADFS login page but, when tried the same URL with HW LB probe, the probe gets no answer from ADFS server at all.
We compared incoming traffic with network monitor in that ADFS server node (https temporary changed to http to see the traffic), a somewhat similar HTTP GET query did exist:
GET /adfs/ls/IdpInitiatedSignon.aspx HTTP/1.1..Accept: image/jpeg, image/gif, image/pjpeg, application/x-ms-application, application/xaml+xml, application/x-ms-xbap, */*..Accept-Language: fi-FI..User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)..Accept-Encoding: gzip, deflate..Host: sts.adfs1.ad
.PV??ìà_¹«.ç..E..ð'@.ÿ.%Ƭ..ü¬..Lî¢.PL?Ëf\Mæ?...?Ä.......f;[.4..GET /adfs/ls/IdpInitiatedSignon.aspx HTTP/1.1..Connection: Close..Host: sts.adfs1.ad
How to properly monitor the ADFS 3.0 server nodes?
Br, Kari Oikkonen
MCITP/2008
Fujitsu Finland