Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Error message after you run the MOSDAL Support Toolkit: "There was no response from the federation server when the tool attempted to retrieve a Metadata Exchange (MEX) document"


View products that this article applies to.

Problem

After you run the Microsoft Online Services Diagnostics and Logging (MOSDAL) Support Toolkit, the Active Directory Federation Services (AD FS) diagnostics log contains the following error message:

There was no response from the federation server when the tool attempted to retrieve a Metadata Exchange (MEX) document.

Note The AD FS diagnostics log located here:
\Admin_Applications\SSO_Diagnostic_Tests\ADFSDiagnostic.txt
In addition, you may notice one of the following symptoms when you sign in to Office 365 web services by using federated user credentials:
  • "Page not found" error when you connect to AD FS
  • Certificate warning when you connect to AD FS

↑ Back to the top


Cause

This issue may occur if one of the following conditions is true:
  • Service problems with AD FS limit access
  • Problems exposing AD FS to the Internet through reverse proxy limits access.
  • AD FS MEX address changes not made to the Windows Azure Active Directory (Windows Azure AD) authentication system
  • Secure Sockets Layer (SSL) certificate problems with the AD FS service
  • Faulty DNS configuration that causes incorrect name resolution of AD FS endpoints

↑ Back to the top


Solution

To resolve this issue, use one of the following methods, as appropriate for your situation.

Method 1: Troubleshoot AD FS connectivity

Troubleshoot AD FS service problems that might limit connectivity by using the following Microsoft Knowledge Base article: �
2419389�Internet browser cannot display the AD FS webpage when a federated user tries to sign in to Office 365 web resources �

Method 2: Troubleshoot AD FS Proxy server functionality

If the sign-in problems that are described earlier only occur when you are connected to AD FS from outside the on-premises network, use the following Microsoft Knowledge Base article to troubleshoot AD FS Proxy service problems that might limit connectivity: �
2712961�How to troubleshoot the AD FS connection

Method 3: Update the AD FS service metadata to Windows Azure AD

If the sign-in problems that are described earlier begin to occur after the service name of the AD FS Federation service farm is changed, the new MEX endpoint address must be updated in Windows Azure AD. To do this, use the "How to update the configuration of the Office 365 federated domain" of the following Microsoft Knowledge Base article: �
2647048 How to update or to repair the configuration of the Office 365 federated domain

Method 4: Troubleshoot AD FS SSL certificate problems

If a sign-in attempt to Office 365 web services results in a certificate warning from the AD FS server, use the following Microsoft Knowledge Base article to troubleshoot SSL certificate problems:
2523494� You receive a certificate warning from AD FS when you access Office 365 web resources by using a federated account

Method 5: Troubleshoot split-brain DNS problems for AD FS service name resolution

To troubleshoot split-brain DNS configuration problems with the on-premises network, use the following Microsoft Knowledge Base article:
2715326 Split-brain DNS misconfiguration prevents seamless SSO sign-in experience

↑ Back to the top


More information

Still need help? Go to the�Office 365 Community�website or�the�Windows Azure Active Directory Forums website.

↑ Back to the top


Keywords: o365, mosdal4.5, o365062011, pre-upgrade, o365m, o365e, o365022013, after, upgrade, o365a, KB2707336

↑ Back to the top

Article Info
Article ID : 2707336
Revision : 11
Created on : 9/30/2013
Published on : 9/30/2013
Exists online : False
Views : 545