ADFS 2019 and redirect links

Sau Patel 21 Reputation points
2022-02-08T17:59:20.82+00:00

Hello,

I have recently migrated my Win2012 ADFS and ADFS Proxy, to Win2016 ADFS with a Win2019 WAP server. On my ADFS Proxy server, I had an IIS redirect to assist with shortening the ADFS URLs - such as "https://adfs.aaaa.com/o365login" instead of "https://adfs.aaaa.com/adfs/ls/idpinitiatedsignon.aspx?loginToRp=http://www.officeonline.ms.com/blahblah". With WAP, installing IIS is not recommended, how do I go about fixing this and maintaining the older shorter URLs? Any advice or suggestions are appreciated.

Thank you,
Sau

Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,222 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Pierre Audonnet - MSFT 10,171 Reputation points Microsoft Employee
    2022-02-14T15:50:25.54+00:00

    AD FS and WAP are both agnostic of that redirecation. They just see what hits them. Your redirection service could be hosted anywhere. And is that is meant to be use externally only, you can even publish it with WAP.

    I am not sure about your example though, are you using redirection for Office 365 realted things?

    0 comments No comments

  2. Sau Patel 21 Reputation points
    2022-02-14T17:34:23.427+00:00

    Hi Piaudonn,

    The O365 was just an example. We are working with O365, and other 3rd party services and all of the services have long URLs for ADFS such as "https://adfs.aaaa.com/adfs/ls/idpinitiatedsignon.aspx?loginToRp=http://www.oracle.com/sso.jsp." Now, I'd rather give my users a shorter version to remember - say "https://adfs.aaaa.com/oracle" and am trying to understand how I can do that without using IIS.

    You mentioned, I can do that using WAP, and I tried Publishing one, but it won't let me change the URL and prefers the same URL. What am I missing here? How are others with ADFS assisting their users to access the 3rd party applications using SSO with shorter URLs?

    Thanks,
    Sau

    0 comments No comments