Due to some reason, Error 500 may appear on the IIS Agent consumer url /saml2/login , for example:

That is the default behavior of IIS web server on Error 500.

Unfortunately this is a very generic error and does not really reveal to root of the problem.

To retreive further details please follow these articles...



Alternatively, we can can enable IIS Agent log to see the details...

For the particular error, we are almost sure that either DualShield server or IIS server has a time drift.