Office 365 ADFS Proxy Error Event ID 364



The environment contains two ADFS servers implemented in the internal network and two ADFS Proxy servers implemented in the DMZ network.

When testing ADFS functionality from the internal network where points to the NLB of the ADFS servers in the internal network the user can access Office 365.

When testing ADFS from the Internet or from the DMZ the ADFS Proxy returned the following error:



There was a problem accessing the site. Try to browse to the site again.

If the problem persists, contact the administrator of this site and provide the reference number to identify the problem.

Reference number: 25b51e4b-a68d-47d6-8fc7-ee5a56337ed4



The following snapshot shows the error:



When checking the event viewer on the ADFS Proxy servers the error Event ID 346 were logged several times:


Event id 364

Encountered error during federation passive request.

Additional Data

Exception details:

System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. ---> System.ServiceModel.FaultException: An error occurred when verifying security for the message.


The following snapshot shows the error in the event viewer:




ADFS Proxy configuration was fine as well as the certificate. However after troubleshooting the error the cause of it was due to time change.

The internal ADFS servers synchronizing the time with the Domain Controllers (DCs), and there were 20 minutes time difference between the ADFS proxy servers and the ADFS servers.



Reset the time on the ADFS proxy servers to match the time on the ADFS servers.

Comments (6)

  1. @UCG: did you try the above solution? did u check the time for both proxy and ADFS servers?

  2. chaselton says:

    In our test environment we are getting this error and the time on the ADFS proxy servers and federation servers is the same.

  3. UCG says:

    I have the same issue. Opened a case with MS support and they weren’t able to figure out the problem either. Unfortunately, it isn’t a lab so when the problem occurs, if I STOP then START the WNLB, the issue is resolved (until it happens again a few days

  4. Abhijeet Kasurde says:

    This article helped solved our issue, Kudos to author!!

  5. Rob (MCM) says:

    The issue is from so many different possible causes that this article although may work for some, won’t fix the majority. It could be from Token Time stamps, could be from time as listed above, could be from DB corruption, could be from IIS issues, could
    be from cookie issues, could be the proxy.. Microsoft says that this issue has existed since ADFS 1.0 and SharePoint services, as well as in CRM. So you are likely to find thousands of hits when it comes to this issue. Microsoft also couldn’t figure out the
    issue with our system either, so we are going to just stick with Salesforce. ADFS is a terrible product, anyone who is reading this, thinking this is just the last step till I get this thing up and running, should re-evaluate the requirements, and just stick
    with what was there prior.. It’s not worth the headache..

Skip to main content