locked
"claimapp" demo app failing with "The computer must be trusted for delegation" error RRS feed

  • Question

  • I am in the process of setting up a Windows 2012 R2 Standard VM in the lab so that we can test ADFS SSO capabilities with our web application.  I started off configuring the server per the instructions found here:

    "Set up the lab environment for AD FS in Windows Server 2012 R2"

    http://technet.microsoft.com/en-us/library/dn280939.aspx

    When I use a web browser to log in to the claimapp as the "RobertH" user, I end up with the following error message:

    Server Error in '/claimapp' Application.

    The requested operation cannot be completed. The computer must be trusted for delegation and the current user account must be configured to allow delegation.


    The same machine is the DC and ADFS server.  (Note, I am a total newbie to DC and AD stuff)



    • Edited by paule123 Tuesday, December 16, 2014 9:36 PM
    Tuesday, December 16, 2014 9:35 PM

Answers

  • Problem solved.  Per this article and the "sgupta" comment below it.  I already had the Load User Profile set to True, and login was not working.  As soon as I changed the DefaultAppPool Identity from ApplicationPoolIdentity to NetworkService, the claimapp login worked. 
    • Edited by paule123 Wednesday, December 17, 2014 5:03 PM
    • Marked as answer by paule123 Wednesday, December 17, 2014 5:09 PM
    Wednesday, December 17, 2014 4:59 PM