Microsoft Q&A

Active Directory Federation Services

1,113 questions

An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.

Browse all Windows tags

Filter

Content

No answers or comments

111

With accepted answer

259

1,113 questions with Active Directory Federation Services tags

0 answers

AD FS behavior from domain-joined computer

AD FS is present in an environment for SSO into various supported sites/apps once a user authenticates to the AD FS site - if a user logs into active directory on a computer joined to the same domain that AD FS uses for its claim provider, then opens a…

asked

Jon Hall 0

2 answers

What ports are require to open between ADFS and WAP

I am going to implement new Azure AD tenant. My primary authentication method will be ADFS and PHS as backup method. For example, the servers name are as below ADFS name- ADFS01 WAP name- WAP01 Connect sync name- AADC01 Please can you help provide me…

asked

Mohd Arif 901

commented

JamesTran-MSFT 34,216 Microsoft Employee

1 answer

Failed: federation between Google Workspace and Microsoft Entra ID

Hi! I'm trying to implement "federation between Google Workspace and Microsoft Entra ID" following this link: https://learn.microsoft.com/en-us/education/windows/configure-aad-google-trust but I keep getting the error…

asked

Ammar Aganovic 40

commented

Akhilesh 1,525 Microsoft Vendor

1 answer

Federated domain

Hi, We have a few custom domain names in Azure, but only one is Federated. How can we make another domain Federated?

asked

Alik Kislitsa 0

commented

Konstantinos Passadis 13,766

1 answer

Multiple AD FS servers linked to same domain

Hi We have an existing AD FS 2012 R2 server that is federated with a custom domain in Azure AD, lets say "MyDomain.com" used to perform Office 365 licensing via Citrix. I have built a new AD FS 2019 server and a Web Application Proxy (WAP)…

asked

Mark Bavington 60

edited the question

Emi Zhang-MSFT 19,046 Microsoft Vendor

0 answers

How do I configure IWA with ADFS 4.0 for G Suite?

Greetings, We have G Suite Sign-in configured to be federated with ADFS. Form-based authentication is working. We are unable to configure Integrated Windows Authentication (IWA). Kindly provide us with the steps to configure IWA. Steps followed …

asked

Sudhakar Ramasamy 1

commented

Vahid Ghafarpour 8,545

1 answer

Adding ADFS to existing AD Application

We have an existing .NET application that uses Active Directory to authenticate users and search for user/OU data using DirectorySearcher object. Our customer has several AD servers and would like our existing application to authenticate/search from a…

asked

SteveB 1

answered

Vahid Ghafarpour 8,545

1 answer

ADFS oAuth 2.0 Client Credential Grant, AD as authorizations(scope) store

Our scenario could be described this way. A back-end webapp service (in linux) uses the OAuth 2.0 Client Credential Flow (CCF) to request a token from ADFS. It passes its client_id and client_secret. Even if the BE service is considered…

asked

Jeff Raymond (Nter) 1

edited an answer

Vahid Ghafarpour 8,545

2 answers

Configure federation between Google Workspace and Microsoft Entra ID error AADSTS51004

Hello, After follow the steps of this guide https://learn.microsoft.com/en-us/education/windows/configure-aad-google-trust I'm testing the login. I am getting the redirect to google when try to sign in but after that I get this error: Request Id:…

asked

Davide Orbitello 0

commented

JamesTran-MSFT 34,216 Microsoft Employee

0 answers

Windows 10 Hybrid Join Automatic registration failed

Hello, I am having troubles to let Windows 10 Hybrid Join on startup. It is only working right now when the computer object is synchronised. Because the Windows 10 is a non-persistent VDI it needs to join on startup. I am getting the below error. The…

asked

MJ 21

edited the question

JamesTran-MSFT 34,216 Microsoft Employee

1 answer

How to migrate users from on-prem environment to another on-prem environment?

Hello, I want to know how to migrate users from one on-prem environment to another on-prem environment? As in our scenarios we want to migrate lots of users from one on-prem environment to another on-prem environment. So can you please suggest and help…

asked

Khushi 0

commented

Dave Patrick 417.4K MVP

1 answer

How to perform Decommission of federation with password hash sync after migrated to cloud authentication

In office365 environment, we are going to migrate "federation with password hash sync" to "Cloud Authentication". After migrate to "Cloud Authentication", on premise AD will be removed, so we will perform Decommission of…

asked

louis cheung 20

edited the question

Sandeep G-MSFT 11,331 Microsoft Employee

0 answers

Establish federated identity credential / required RBAC role

Which Azure RBAC role is required to establish federated identity credential? https://learn.microsoft.com/en-us/azure/aks/learn/tutorial-kubernetes-workload-identity#establish-federated-identity-credential Following the error message this action is…

asked

JC 15

commented

Rinesh Varghese Kappil 0

1 answer

ADFS 4 - set REMOTE_USER from value of claim or claim store lookup

I have a web application that does auto-logon using REMOTE_USER http value that maps to a LDAP user of the same name. my issue is that the partner IDP is ADFS and i would like to use ADFS on my side of the trust in front of the web application (SP) I…

asked

Daniel Fung 1

answered

Vahid Ghafarpour 8,545

1 answer

ADFS 3.0 Logout - allow two SAML Logout Endpoints

Hello, I have searched low and high for a solution but could not find a definitive answer if my problem can be solved. Even just knowing that it cannot be solved would be extremely helpful. We have a single identity service that has two DNS names…

asked

FS 21

answered

Vahid Ghafarpour 8,545

0 answers

How to configure Enhanced Security Admin Environment (ESAE) architecture (red forest)??

Hi, I want to know how to configure Enhanced Security Admin Environment (ESAE) architecture (red forest)? Actually I want to configure and test it first and then move to the current Microsoft’s recommendation method. But unfortunately I have not found…

asked

Khushi 0

2 answers

Mailbox type is unable to change from user to office365 in the on-premises exchange portal.

Mailbox type is unable to change from user to office365 in the on-premises exchange portal. The mailbox type in Online Exchange Admin Center is user mailbox. though would like the mailbox type in the on-premises exchange portal to switch from user to…

asked

Diana Piloya 20

commented

Yuki Sun-MSFT 37,366

3 answers

Azure MFA to On-premises applications without ADFS and AzADAppProxy

Hi. I need to know what options do I have to force my internal apps to request Azure MFA when my clients access internally (or externally, published in the firewall). I don't want that my on-premises apps needs to go via application proxy via azure,…

asked

Miguel Gonçalves 76

edited an answer

Canming Jiang 1

0 answers

Bi-directional trust in multi-forest and separation of a domain as two separate company

Hi, I have an environment where there is a domain which needs to be separated into 2 tenants. Currently the domains have been the same and there is a single azure tenant. Now, this needs to be separated into two, and there is bi-directional trust in…

asked

Khushi 0

edited the question

Khushi 0

1 answer

What are the ways to migrate on-premise ADFS to Azure Cloud?

Please let me know what are the ways to migrate ADFS server to Azure cloud?

asked

Durai, Ganesh 20

commented

Durai, Ganesh 20