JesseHall-9740 avatar image
0 Votes"
JesseHall-9740 asked JesseHall-9740 edited

ADFS External access - new and trying to find some guides/guidance

For the most part I have ADFS working when accessed internally. However the main purpose for us implementing ADFS was for external access.

We want to have ADFS be the primary authentication method for employees who have no VPN, or access to the domain to still be able to login to SharePoint. Preferably via PIN prompt. I am looking for some documentation to figure out what route to go for troubleshooting our current configuration.

Browser : Chrome
External access - when I hit url/adfs/ls/idpinitatedsignon directly (not from sharepoint) I select sign in goes right to username and password prompt instead of PIN
username and password is accepted when I enter it.

Now with IE due to group policy etc i can force a PIN prompt but it is not accepted even though I know it is correct does not matter if I use an AUTH cert, email cert it will not work

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

What is the PIN prompt you are talking about? The PIN for smartcard/certificate authentication? Or something else?

0 Votes 0 ·

Apologies I posted that question terribly, and was distracted. Yes for the Smartcard authentication
We kind of got thrown into this project however to our understanding we could achieve the following.

No VPN between the external user and the SharePoint on-premise server
ADFS could allow us to provide PKI login to the SharePoint
I am assuming the issue is with how my fellow co-worker has configured ADFS/extranet

0 Votes 0 ·

Hi Jesse,

Assuming smart card authentication and you've enrolled/issued smart cards to your user base, the external ADFS behavior will be impacted according to what Extranet authentication methods have been configured (in this case certificate authentication).


2 Votes 2 ·
Show more comments

0 Answers