OWA - ADFS - ID4175 IssuerNameRegistry

adfsloss
2024-05-22T13:33:23.06+00:00

I have encountered a problem with ADFS in Exchange Server 2019: x-adfserror: ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry. To accept security tokens from this issuer, configure the IssuerNameRegistry to return a valid name for this issuer.

I'm using Keycloak as the IdP to log in to OWA. The connection is set up like this: OWA - ADFS - KEYCLOAK (our MFA handling) - ADFS - OWA.

In the relying party trust in ADFS for OWA I have put the identifier: https://link/owa/. Should it be https://link/adfs/services/trust/? I tried, but I'm getting a 503 error while accessing this link.

I saw that there is an STS configuration, but I cannot find what exactly it is doing for ADFS.


1 answer

  1. Q&A Assist
    2024-05-22T13:33:23.0766667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist.

    The error message "ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry" indicates that the ADFS is not recognizing the issuer of the security token. To resolve this issue, you need to configure the IssuerNameRegistry to return a valid name for this issuer.

    In the relying party trust in ADFS for OWA, the identifier should be set to the URL of the OWA application, which in this case is "https://link/owa/". It should not be set to "https://link/adfs/services/trust/".

    The STS (Security Token Service) is responsible for issuing and validating security tokens. It is used by ADFS to issue security tokens to clients that request them.
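An added diagnostic example, not part of the question or the answer above and not Microsoft's own script: an issuer name registry accepts a token only when the certificate that signed it is one registered for the issuer, so a first check for ID4175 is whether the AD FS token-signing thumbprints match the ones Exchange has been given. It assumes the error is raised on the Exchange side, that the relying party trust is named `OWA`, and that `Get-OrganizationConfig` exposes the thumbprints as `AdfsSignCertificateThumbprints`; the thumbprint value is a placeholder.

```powershell
# --- Part 1: run on the AD FS server (ADFS PowerShell module) ---
# Thumbprints of the certificates AD FS uses to sign the tokens it issues.
Get-AdfsCertificate -CertificateType Token-Signing |
    Select-Object IsPrimary, Thumbprint

# Identifiers registered on the relying party trust for OWA.
# 'OWA' is an assumed trust name; use the name shown in AD FS Management.
Get-AdfsRelyingPartyTrust -Name 'OWA' |
    Select-Object Name, Identifier, Enabled

# --- Part 2: run in the Exchange Management Shell ---
# Paste the thumbprint(s) printed by Part 1 here (placeholder value).
$adfsSigning = @('<AD FS token-signing thumbprint>')

# What Exchange currently expects from AD FS.
$org = Get-OrganizationConfig
$org | Format-List AdfsIssuer, AdfsAudienceUris, AdfsSignCertificateThumbprints

function ConvertTo-NormalizedThumbprint {
    param([string]$Thumbprint)
    # Copy/paste from the certificate dialog can carry spaces or
    # invisible characters, so keep hex digits only and upper-case them.
    ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
}

# Property name is an assumption; check the Format-List output above.
$trusted = @($org.AdfsSignCertificateThumbprints |
    ForEach-Object { ConvertTo-NormalizedThumbprint $_ })

foreach ($t in $adfsSigning) {
    $n = ConvertTo-NormalizedThumbprint $t
    if ($trusted -contains $n) {
        "OK: $n is registered in Exchange"
    } else {
        "MISSING: $n signs AD FS tokens but Exchange does not list it"
    }
}
```

A `MISSING` line for the primary token-signing certificate means Exchange has no registered name for the issuer of the tokens it receives, which is the condition ID4175 reports.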