1,192 questions with Active Directory Federation Services tags
How to access ADFS externally with web app
Hello! I really need someone to help me out now since i spent days learning and doing labs and i finally made it but not completely. I have 3 VMs, 1 DC, ADFS server and ADFS proxy server with 2 NICs. Internally i can reach the ADFS login page with…
Select domain at ADFS login page
My ADFS connect to two AD Domain for authentication, can I let users select the domain they belong instead of typing the domain name?
ADFS 3.0 error 364 (msis 7042) on ADFS + error 224 on ADFS PROXY maybe after windows update
Hi all! Dynamics on premise, exposed with ADFS 3.0 and ADFS PROXY So i have this scenario: 1 vm x sql (lan) 1 vm x dynamics (lan) 2 vm x dns and dc (lan) 1 vm x adfs (lan) 1 vm x adfs proxy (Dmz) After windows update for windows 2012 r2 on…
adfs exchange
dears, i have 2 2016 exchange servers configured in dag mode. external urls are not published. users can connect just internally. the client recently asked to publish it externally using web app proxy. i have seen that this needs an adfs server to…
ADFS idpinitiatedsignon SAML assertion not signed
I am trying to extract SAMLResponse assertion via https://<adfs_domain>/adfs/ls/idpinitiatedsignon using a webview. The problem is that the SAMLResponse assertion is not signed and the signature is not included inside the assertion. As a result…
ADFS - AAD integration - No AzureAD Connect - SAML ImmutableID error
Hello everyone, I'm working on enabling login to an adfs-federated Enterprise Web App through AAD SAML. I haven't found any good documentation on the matter (or blogpost) which describes my specific usecase so I'm mostly doing trial and error. I know…
Authentication Loop use ADFS with CRM
I posted this in CRM Dynamics to no avail so I'm trying here. I have two users (one being me) who get an authentication loop when attempting to access our CRM system via our intranet. I used a SAML inspection program and I get ws-fed error …
Claims rule to get WindowsAccountName
I have configured Claims Provider Trust in ADFS and I am getting only Email in NameID. I can not make changes to Third party Claims Provider Trust, so I have to get WindowsAccountName using Email which I received in NameID from Third Party IDP and…
ADFS - WAP traficc handle
Hi! My ADFS solution idea looks like this: Internet to FW to NLB to WAP1 and WAP2 to FW to ADFS1/ADFS2/ADFS3/ADFS4 to AD. The NLB distribute the incoming traffic to the WAP servers (Round-robin) and the WAP servers distribute the traffic to…
Automatic device join in single AD - multiple Azure topology
Hi all, Our customer is considering implementing topology with single onprem AD synchronized to multiple Azure AD tenants, using a single ADFS farm. The customer needs availability of Autopilot with Hybrid AD join for devices in all Azure AD tenants.…
How to send comma separated AD attribute value as separate ADFS role claims?
Our business roles from ERP are populated into extensionAttribute5 AD attribute. The value of this attribute may look like: SAXTechs PrimaTechs SAXTechs,PrimaTechs How can we send these values as separate role claims using ADFS 4…
Import SSL into ADFS for linking Azure AD to Local AD.
So I am attempting to test a huge connection of my azure AD to my Local AD but I need an ADFS in my environment for Federated logins from AzureI am attempting to deploy one but it's asking for an SSL cert I need support importing an SSL cert into my…