Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,589 questions
1,221 questions with Active Directory Federation Services tags
1 answer
What is the difference between FBL 3 and FBL 4 in ADFS
Hi Team, I am currently running on ADFS 4.0 on windows 2016 with Farm Behaviour Level 3. planning to move to windows 2022 , FBL 4. Can you let me know the difference between FBL 3 and FBL 4. I do not see any detailed document on this. Thanks, …
asked 2024-07-15T03:29:53.94+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(201.6, 64%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESA%3C/text%3E%3C/svg%3E)
Saravanan Athiyappan
0
Reputation points
answered 2024-07-16T06:31:05.0333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 92%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYL%3C/text%3E%3C/svg%3E)
Yanhong Liu
4,810
Reputation points Microsoft Vendor
0 answers
Failed to create AzureadKerberos (Cloud Kerberos Trust)
We are trying to establish cloud Kerberos trust to enable WHFB in our environment. However, it is giving below error. It gives error at command Set-AzureADKerberosServer. Any advise and suggestion will be highly appreciated. We have followed below…
asked 2024-04-08T11:22:38.92+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 78%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Ritesh Sharma
266
Reputation points
commented 2024-07-15T19:42:29.5533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 36%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENS%3C/text%3E%3C/svg%3E)
Nilotpal Sarkar
0
Reputation points
2 answers
ADFS retrieving claims using native client application
Hi, We are currently attempting to write a test application in C#, which needs to retrieve certain claims upon authorization. No matter what we have tried, it seems we only receive the same 10 claims from the ADFS server (see image for the received…
.NET
.NET
Microsoft Technologies based on the .NET software framework.
3,601 questions
Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,221 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,605 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 97%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EG%3C/text%3E%3C/svg%3E)
1 answer
AD CS Web Enrollment: Invalid pointer 0x80004003 (-2147467261 E_POINTER)
I have a Windows 2019 server set up as a CA in my environment. It's tied to my DC. I have IIS installed and certificate web enrollment is in use. I can browse to my https://CA/certsrv no problem. The websites certificate is valid and trusted. I can log…
asked 2023-12-29T19:03:44.7233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 1%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEL%3C/text%3E%3C/svg%3E)
Emenual Luna Wolff
5
Reputation points
answered 2024-07-12T13:39:21.07+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 47%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDD%3C/text%3E%3C/svg%3E)
Daniel D. Hesse
0
Reputation points
1 answer
Active Directory - Add or remove multiple members from a security Group
What's the maximum limit to add/remove users to a security group in On-Prem AD? Also, is there a limit to the sync process between On-Prem & AZURE Sync for such additions? e.g. can I add 100K users to an AD Group using PowerShell script in a single…
asked 2024-07-11T13:00:18.2433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 49%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMS%3C/text%3E%3C/svg%3E)
Mayilvahanan, Senthilkumar
0
Reputation points
answered 2024-07-11T13:52:03.24+00:00
Andy David - MVP
144.8K
Reputation points MVP
2 answers
Changing the ADFS service account options "this account supports kerberos AES ... "
We are trying to join windows 2022 to 2012 R2 farm with WID and are encountering issues during pre-requisite checks. One option that we are thinking of trying is to enable "this account supports Keberos AES 128 bit encryption" and "this…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 36%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 20%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
1 answer
Domain user getting: The sign-in method you’re trying to use isn’t allowed
Domain user getting: The sign-in method you’re trying to use isn’t allowed I'm troubleshooting a problem with a domain user who when trying to log in to his domain account gets the message "The login method you are trying to use is not…
asked 2024-06-25T10:51:43.5766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 31%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFM%3C/text%3E%3C/svg%3E)
FALAK MOHAMED ALI
0
Reputation points
answered 2024-07-07T07:30:30.25+00:00
Khaled Elsayed Mohamed
1,255
Reputation points
1 answer
Can we change the access token lifetime in AD
Can we change the access token lifetime in AD?
asked 2024-06-27T20:28:45.7033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 86%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVC%3C/text%3E%3C/svg%3E)
Victoria Calderon Yonaha
0
Reputation points
answered 2024-06-28T08:59:52.9566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 11%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJZ%3C/text%3E%3C/svg%3E)
Jing Zhou
5,135
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Create custom CloudAP plugin to authenticate to windows machine which is entra Joined?
My domain is federated with custom inhouse IDP and when the user tries to login in the entra joined machine as IDP CloudAP authenticates the user right? Is it possible to create custom CloudAP Plugin so after user enters the password our idp can enforce…
asked 2024-02-07T12:04:04.42+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 61%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
AJ
30
Reputation points
commented 2024-06-27T14:45:12.01+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 24%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
S S R Sriharsha Kedarisetty
0
Reputation points
2 answers
Prompt for credentials when different user tries to login with Microsoft Single Sign On using SAML
We have a below mentioned requirement on our login screen. User enters emailId in our application and selects Microsoft to login with that email Id. User logs in to our platform with Microsoft SSO using SAML. User then logs out from our application,…
asked 2024-06-20T15:21:07.52+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 93%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERB%3C/text%3E%3C/svg%3E)
Rachir Bulsara
0
Reputation points
answered 2024-06-25T10:17:26.9466667+00:00
Akshay-MSFT
17,641
Reputation points Microsoft Employee
0 answers
having an error reactivating Access to Azure Active Directory subscription
failed reactivate Access to Azure Active Directory subscription
asked 2024-06-23T11:11:34.1133333+00:00
Ebrahim Mansour
1
Reputation point
asked 2024-06-23T11:11:34.1133333+00:00
Ebrahim Mansour
1
Reputation point
1 answer
When attempting to modify files within the Netlogon folder in Active Directory, I've encountered instances where files are use and cannot be change
Dear Experts, I'm seeking assistance with aspects of Active Directory (AD) management and troubleshooting. Specifically, I am encountering a error that the files are in use and cannot be change in the Netlogon folder. When attempting to modify files…
asked 2024-05-13T04:19:37.46+00:00
Dipto Adhikary
20
Reputation points
commented 2024-06-20T05:40:52.6133333+00:00
Dipto Adhikary
20
Reputation points
1 answer
DNS Zone Locks and Propagation Delay in Active Directory
Dear Experts, I'm seeking assistance with aspects of Active Directory (AD) management and troubleshooting. Specifically, I am encountering a DNS zone lock and propagation delay issue within the Active Directory environment. When I trying to make changes…
asked 2024-05-13T03:54:23.7433333+00:00
Dipto Adhikary
20
Reputation points
commented 2024-06-20T05:14:49.8333333+00:00
Dipto Adhikary
20
Reputation points
1 answer
One of the answers was accepted by the question author.
Single Sign On to different O365 tenants
Hi everybody, I have the following situation: Single Active Directory domain (domain.local) 2 Office 365 tenants (domain1.com, domain2.com) 2 ADFS Servers one of them syncing users from one OU1 to domain1.com and handling SSO. Users have UPN…
asked 2024-06-06T08:50:15.8566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 86%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECN%3C/text%3E%3C/svg%3E)
Christoph Nellis
20
Reputation points
accepted 2024-06-17T10:28:37.3266667+00:00
Christoph Nellis
20
Reputation points
0 answers
How to connect to on-premises SharePoint using ADFS authentication in a .NET 8 application
Since OfficeDevPnP.Core is not supported in .NET 8, are there alternative libraries or approaches to connect to on-premises SharePoint using ADFS authentication in a .NET 8 application? Current Situation: Existing applications written in .NET Framework…
asked 2024-06-17T03:57:31.1433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 10%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVN%3C/text%3E%3C/svg%3E)
Vijayan, Neethu
0
Reputation points
asked 2024-06-17T03:57:31.1433333+00:00
Vijayan, Neethu
0
Reputation points
5 answers
Configure federation between Google Workspace and Microsoft Entra ID error AADSTS51004
Hello, After follow the steps of this guide https://learn.microsoft.com/en-us/education/windows/configure-aad-google-trust I'm testing the login. I am getting the redirect to google when try to sign in but after that I get this error: Request Id:…
asked 2023-11-17T13:12:22.49+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 39%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDO%3C/text%3E%3C/svg%3E)
Davide Orbitello
0
Reputation points
commented 2024-06-11T08:59:53.5333333+00:00
Rodrigo Sineider dos Santos
0
Reputation points
1 answer
One of the answers was accepted by the question author.
how to copy the permission from on prem share folder to Azure storage bucket
Hello Team, We have huge share data at the on prem servers which we wanted to move on azure file share . at the same time when we are moving share data to azure file share, we want the same permission which are there on the on prem share folders. please…
asked 2024-06-03T13:58:00.45+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 20%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENW%3C/text%3E%3C/svg%3E)
N Wakchaure, Jagdish
60
Reputation points
accepted 2024-06-06T11:56:16.8066667+00:00
N Wakchaure, Jagdish
60
Reputation points
0 answers
ADFS 3.0 - CAPTCHA enable in ADFS sign - in page
As a VAPT Pointers , needs to enable CAPTCHA on ADFS SIgn - In page is it possible?
asked 2024-05-30T12:14:23.36+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 14.000000000000002%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPR%3C/text%3E%3C/svg%3E)
Poongundran R
5
Reputation points
asked 2024-05-30T12:14:23.36+00:00
Poongundran R
5
Reputation points
0 answers
ADFS - OWA - ECP automatically signs out when loging from custom IdP
i have a problem. Im logging into adfs with Keycloak as an IdP, everything works well. Im redirected from Keycloak to ADFS and then im getting redirected to OWA the to the ECP with signout request. Token is sent to LS and /ls is redirecting to logoff…
asked 2024-05-28T09:57:43.21+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 50%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
adfsloss
0
Reputation points
edited the question 2024-05-29T10:12:35.31+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 35%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EXQ%3C/text%3E%3C/svg%3E)
Xintao Qiao-MSFT
1,100
Reputation points Microsoft Vendor
1 answer
ADFS - [Windows Hello - Certificate Provisioning Service]
Hello, I would like to configure ACL in ADFS to not keep anything in "Permin Everyone" but there is one App with name "Windows Hello - Certificate Provisioning Service" that I cant remove or even find. Could someone please describe…
asked 2024-05-20T06:28:01.0633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 89%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMJ%3C/text%3E%3C/svg%3E)
Morawczynski, Jakub
0
Reputation points
answered 2024-05-28T11:20:59.3366667+00:00
Morawczynski, Jakub
0
Reputation points