Kumar, Naveen 1 Reputation point

Hello All,

I have enabled Azure MFA on ADFS. While testing from I getting below error message. Followed multiple blogs and implemented suggestions like UPN update etc.

Could anyone please suggest solution for this error.

AADSTS50107: The requested federation realm object '' does not exist.


Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,209 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,856 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Pierre Audonnet - MSFT 10,166 Reputation points Microsoft Employee

    This is not an ADFS error. This is an Aure AD error (I added the Azure AD tag).

    This basically says that your the federation settings you have for this domain in Azure AD are not matching the actual ID of your ADFS deployment. Or at least not the ID that ADF issued in its tokens.

    Asusming you don't have a multiple domain environment, the following commands should return the same thing:

    # from a machine with the MSOnline module installed and connected
    (Get-MsolDomainFederationSettings -DomainName <your domain here>).IssuerUri
    # from an ADFS server

    Then you need to proper claim issuance rule. You can generate them with this wizard if you are not sure which one should be set:

    If you have a multiple domain environment let us know, it might be a bit different. Utlimatly, we use the user's UPN to generate the IssuerID in the token. That also might be why you see post here and there mentionning UPN issues. What is your current UPN situation? Routable domain name? Matching the email address?

    1 person found this answer helpful.

  2. Kumar, Naveen 1 Reputation point

    Hello @Pierre Audonnet - MSFT

    Sorry for the delayed response. Thank you very much for the reply. I am getting below details
    I have tried to check from Azure AD connect and was able to see the configuration but getting error message on verify federated login.

    The federation service name cannot be resolved.Confirm that the federation
    service name is registered in DNS and is resolvable from this server.

    Azure -

    ADFS -

    AbsolutePath : /adfs/services/trust
    AbsoluteUri :
    LocalPath : /adfs/services/trust
    Authority :
    HostNameType : Dns
    IsDefaultPort : True
    IsFile : False
    IsLoopback : False
    PathAndQuery : /adfs/services/trust
    Segments : {/, adfs/, services/, trust}
    IsUnc : False
    Host :
    Port : 80
    Query :
    Fragment :
    Scheme : http
    OriginalString :
    DnsSafeHost :
    IdnHost :
    IsAbsoluteUri : True
    UserEscaped : False
    UserInfo :

    Please suggest.


    0 comments No comments