ADFS endpoint configurations

Devandran 31 Reputation points

Hi Team,

I would like to check, there is ADFS server being setup in our development environment for testing purpose.

currently the endpoint is being used as

There is a requirements from development team that the URL should be visible as

Where should i make the changes so the ADFS url is accesible using as

Please advise. TQ.

Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,169 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Pierre Audonnet - MSFT 10,151 Reputation points Microsoft Employee

    AD FS is leveraging SNI from TLS. The hostname used to established the TLS tunnel has to match the ADFS farm name that you can see in the administrative console and in the output of Get-ADFSProperties (it is the name you pick at the installation).

    To have the server listen on another hostname, you need to add that name to the HTTP bindings. You can use the following command on the ADFS server:

    netsh http add sslcert certhash=<hash of the TLS cert> appid={5d89a20c-beab-4389-9447-324788eb944a}

    You need to replace <hash of the TLS cert> with the actual hash.
    {5d89a20c-beab-4389-9447-324788eb944a} is the App Id of ADFS.

    If you are also using a WAP, the following command can be ran on the WAP:

    netsh http add sslcert certhash=<hash of the TLS cert> appid={f955c070-e044-456c-ac00-e9e4275b3f04}

    {f955c070-e044-456c-ac00-e9e4275b3f04} is the APp Id of WAP.

    0 comments No comments

  2. Limitless Technology 39,201 Reputation points

    Hi there,

    Open the ADFS Management application, on the right, is the "Edit Federation Service Properties" and change the Federation service name and identifier with the new domain name. In your case, it will be Update the ADFS certificate that it uses.

    You can use this article to get the detailed steps behind the process

    AD FS user sign-in customization


    --If the reply is helpful, please Upvote and Accept it as an answer--

    0 comments No comments