

 

Symptoms

 


When trying to open a form, you receive the error: ID4223 - Exception of type 'System.Web.HttpUnhandledException' was thrown. Authentication With Server Failed : ID4223: The SamlSecurityToken is rejected because the SamlAssertion.NotOnOrAfter condition is not satisfied. NotOnOrAfter: [DateTime] Current Time: [DateTime]

 

 

Diagnoses

 


This error happens when the clock on the ADFS server and the clock on the machine hosting the website are not synchronized.
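
To confirm the diagnosis, the following PowerShell checks an assertion's NotBefore/NotOnOrAfter window against a supplied clock. It is an added example, not part of the original article or of K2's tooling. The function name Test-SamlValidityWindow, the sample assertion, the hostname in the comment and the 5-minute tolerance are assumptions.

```powershell
# Constructed sample assertion (not captured from a real AD FS server).
$sampleAssertion = @'
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
  <saml:Conditions NotBefore="2024-01-15T08:00:00Z" NotOnOrAfter="2024-01-15T09:00:00Z" />
</saml:Assertion>
'@

# Hypothetical helper: compares the assertion's validity window with a given UTC clock.
function Test-SamlValidityWindow {
    param(
        [Parameter(Mandatory = $true)] [string]   $AssertionXml,
        [Parameter(Mandatory = $true)] [datetime] $NowUtc,
        [timespan] $AllowedSkew = [timespan]::FromMinutes(5)   # assumed tolerance
    )
    $doc = New-Object System.Xml.XmlDocument
    $doc.XmlResolver = $null      # never fetch external DTDs or entities
    $doc.LoadXml($AssertionXml)

    # local-name() matches Conditions in both the SAML 1.1 and 2.0 namespaces.
    $cond = $doc.SelectSingleNode("//*[local-name()='Conditions']")
    if ($null -eq $cond) { throw 'No Conditions element found in the assertion.' }

    $culture = [System.Globalization.CultureInfo]::InvariantCulture
    $styles  = [System.Globalization.DateTimeStyles]'AdjustToUniversal, AssumeUniversal'
    $notBefore    = [datetime]::Parse($cond.GetAttribute('NotBefore'), $culture, $styles)
    $notOnOrAfter = [datetime]::Parse($cond.GetAttribute('NotOnOrAfter'), $culture, $styles)

    $status = if ($NowUtc -lt $notBefore.Subtract($AllowedSkew)) {
        'NotYetValid'   # validating host's clock is behind the issuer
    } elseif ($NowUtc -ge $notOnOrAfter.Add($AllowedSkew)) {
        'Expired'       # the condition that ID4223 reports
    } else {
        'Valid'
    }
    [pscustomobject]@{
        NotBefore         = $notBefore
        NotOnOrAfter      = $notOnOrAfter
        Now               = $NowUtc
        Status            = $status
        MinutesPastExpiry = [math]::Round(($NowUtc - $notOnOrAfter).TotalMinutes, 1)
    }
}

# Clock offset between this host and the AD FS server (placeholder hostname):
#   w32tm /stripchart /computer:adfs.example.test /samples:3 /dataonly

# Constructed case: web host clock reads 7 minutes past NotOnOrAfter.
$now = [datetime]::new(2024, 1, 15, 9, 7, 0, [System.DateTimeKind]::Utc)
Test-SamlValidityWindow -AssertionXml $sampleAssertion -NowUtc $now
```

Pass `[datetime]::UtcNow` as `-NowUtc` on the web host to test against its live clock.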
 

 

Resolution

1) Restart the Windows Time service
2) Run w32tm /resync in an elevated command prompt
3) iisreset
4) Restart K2 server
5) Restart SQL Server

Disable connection pooling by adding <add key="Forms.UseConnectionPooling" value="false"/> to the configSections section of the web.config of the Designer, Runtime and Workflow sites.

OR
Extend the token lifetime of the bootstrap token to 9 hours (540 minutes) for example, which will cover a typical working day. Execute the following commands in Windows PowerShell on the environment hosting the AD FS service to change this:
Add-PSSnapin Microsoft.Adfs.PowerShell
Set-ADFSRelyingPartyTrust -Targetname "Designer" -TokenLifetime 540
Set-ADFSRelyingPartyTrust -Targetname "Workflow" -TokenLifetime 540
Set-ADFSRelyingPartyTrust -Targetname "Runtime" -TokenLifetime 540

 

 



 