ADFS Sign-in Only for Some Users

Bob Stuckley 1 Reputation point

I recently set up an ADFS farm, and I am testing a few user accounts to see if they can sign into /adfs/ls/IdpInitiatedSignon.aspx. Some accounts work fine; others, however, exhibit the following behavior:

  • Signing in with a wrong username/password results in an error message indicating the username/password is incorrect.
  • Signing in with correct username/password results in a page refresh and the sign-in form is displayed. There is no error message; simply a page refresh and the sign-in form.

In the Security event log, there are three events related to the sign-in. They are as follows (in arrival order):

Event 4648 - A logon was attempted using explicit credentials.
Event 4624 - An account was successfully logged on.
Event 4625 - An account failed to log on (Failure reason: Unknown user name or bad password)

I'm at a loss as to why this is happening for only certain users. Any help you can provide is appreciated.

Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,034 questions
{count} votes