This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 52%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
I will be rolling out Hybrid Azure AD Join for Federated domains and one of the requirements is to enable the internal endpoint, /adfs/services/trust/13/windowstransport. Currently that is disabled in my production environment. I have been trying to research what the affects are if I enable this internally and disable on the Proxy. I understand this is a requirement for Hybrid Azure AD JOin, but want to make sure I don't break anything when I enable it. Thoughts?
You can't break things by enabling it.
You can break things by disabling it later on... Once you actually started using it.
It should be disabled and remain disabled on the proxies.