This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 93%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECD%3C/text%3E%3C/svg%3E)
Hello,
I have an ADFS 2016 where I have configured 2 Claims Providers (Active Directory and an LDAP Local Claims Provider).
I would like to avoid the HRD page if the user is on the internal network and use the other if the user is on the external network or if the IWA is not working.
Here my configuration :
My use cases : Bypass the HRD and
I followed this link to configure my HRD page : https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/operations/home-realm-discovery-customization#configure-an-identity-provider-list-per-relying-party
If go to my Relying Party, I'm redirected to the HRD.
So I made some tests :
If I understand this disclaimer on the previous link, my configuration should bypass the HRD and use IWA for my use cases :
Please note that if an identity provider list for a relying party has been configured, even though the previous setting has been enabled and the user accesses from the intranet, AD FS still shows the home realm discovery (HRD) page. To bypass HRD in this case, you have to ensure that "Active Directory" is also added to the IDP list for this relying party.
Could you help me to understand where I made a mistake, please?
Maybe I forgot to configure something?
Thanks a lot for your help.
If you're using load balancers or network firewalls, they might affect how the network location is determined. Make sure that the ADFS server can accurately determine whether the user is coming from the internal network or not.