ADFS access giving HTTP 400 error

asked 2022-12-22T10:04:39.767+00:00
Houssem Hamdoun 1 Reputation point

Hello,

I'm migrating our ADFS server from Windows Server 2012 R2 to Windows Server 2019.

I managed to add the new server to the farm and to get it to work, but I'm having some trouble accessing the /adfs/ls/Idpinitiatedsignon.aspx page.

The ADFS farm name is adfs1.company.com, access to the URL https://adfs1.company.com/adfs/ls/Idpinitiatedsignon.aspx is working fine, however we need access through https://adfs2.company.com/adfs/ls/Idpinitiatedsignon.aspx URL as well for specific reasons.

The issue I'm facing is that the new server throws an HTTP 400 error whenever I try to access it through adfs2.company.com, and after deeper digging I found that it also throws the same error when I access the URL using the server's IP address instead of the DNS name.

I tried changing the netsh http bindings (added a new binding for 0.0.0.0:443), but it doesn't seem to help.

The ADFS URL "/adfs/ls/Idpinitiatedsignon.aspx" only responds when accessed via localhost, the host's FQDN, or the FQDN of the ADFS farm; otherwise it throws HTTP error 400.

The weird thing about this is that the old server responds to all requests using the adfs2 alias, the server's IP address, and even 127.0.0.1 when accessing the page internally, and never throws the HTTP 400 error.

I did a side-by-side comparison of the configurations of the old and new servers, and they match.

Any help would be appreciated. I'm pretty sure it's a missing config in the HTTP service, but I can't put my finger on the issue.

Thank you.

Active Directory Federation Services
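The post compares two servers by their AD FS configuration; the behaviour described (400 only for Host values other than localhost, the host FQDN and the farm name) is decided one layer lower, by HTTP.SYS. The script below is an added diagnostic example, not code from the post and not Microsoft guidance. It lists the HTTP.SYS URL reservations and TLS bindings that cover /adfs/ and then sends the same request with several different Host header values so the status codes can be compared between the old and the new server. It assumes the names adfs1.company.com and adfs2.company.com from the post; the IP address 10.0.0.10 and the function name Test-AdfsHostHeader are placeholders. Run it in an elevated PowerShell session on each AD FS server.

```powershell
# Added diagnostic for the HTTP 400 symptom above (not from the post, not Microsoft's code).
# 1) show which HTTP.SYS URL reservations and TLS bindings cover /adfs/
# 2) send the same request with different Host headers and report the HTTP status
$farmName  = 'adfs1.company.com'   # federation service name from the post
$aliasName = 'adfs2.company.com'   # extra alias that returns 400 on the new server
$serverIp  = '10.0.0.10'           # assumed placeholder: replace with the new server's IP
$path      = '/adfs/ls/IdpInitiatedSignon.aspx'

Write-Host "== HTTP.SYS URL reservations that mention /adfs/ =="
# A reservation of the form https://+:443/adfs/ routes any Host header to AD FS;
# a reservation naming a specific host only routes that host name.
netsh http show urlacl | Select-String -Pattern 'Reserved URL.*adfs' |
    ForEach-Object { $_.Line.Trim() }

Write-Host "`n== TLS certificate bindings (IP:port and Hostname:port) =="
netsh http show sslcert |
    Select-String -Pattern '^\s*(IP:port|Hostname:port|Certificate Hash)' |
    ForEach-Object { $_.Line.Trim() }

# Diagnostic only: the probe connects by IP, so the certificate name will not match.
# Disable validation for this process so the HTTP status, not a TLS name error, is reported.
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12

function Test-AdfsHostHeader {
    param(
        [string]$ConnectTo,    # IP or name the TCP connection goes to
        [string]$HostHeader    # value placed in the HTTP Host header
    )
    $req = [System.Net.HttpWebRequest]::Create("https://$ConnectTo$path")
    $req.Method = 'GET'
    $req.Host = $HostHeader            # .NET 4.x allows overriding the Host header this way
    $req.AllowAutoRedirect = $false    # a 302 to the sign-in page is itself a useful answer
    $req.Timeout = 10000
    try {
        $resp = $req.GetResponse()
        $code = [int]$resp.StatusCode
        $resp.Close()
    } catch [System.Net.WebException] {
        if ($_.Exception.Response) {
            $code = [int]$_.Exception.Response.StatusCode   # e.g. 400 from HTTP.SYS
        } else {
            $code = -1                                       # no HTTP answer at all (TLS/TCP failure)
            Write-Warning $_.Exception.Message
        }
    }
    [pscustomobject]@{ HostHeader = $HostHeader; Status = $code }
}

Write-Host "`n== Probing $path on $serverIp with different Host headers =="
$hostFqdn = $env:COMPUTERNAME + '.' + $env:USERDNSDOMAIN
@($farmName, $aliasName, $hostFqdn, 'localhost', $serverIp) |
    ForEach-Object { Test-AdfsHostHeader -ConnectTo $serverIp -HostHeader $_ } |
    Format-Table -AutoSize
```

Compare the reservation list and the status table between the old and the new server: if the old server shows a wildcard reservation (https://+:443/adfs/) and the new one only shows reservations for the farm name, the host FQDN and localhost, that difference alone produces exactly the pattern in the post. Two caveats on the probe itself: connecting by IP address sends no SNI, so an IP:port TLS binding (such as the 0.0.0.0:443 one the poster added) must exist or the request fails before any HTTP status is returned, and the certificate validation bypass should stay confined to this diagnostic session.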