Active Directory
A set of directory-based technologies included in Windows Server.
5,805 questions
1,186 questions with Active Directory Federation Services tags
2 answers
Azure hybrid domain join
Hi, If I enable azure hybrid azure AD join from configuration device tasks in AD connector, does the end user of these existing AD only domain joined machines experience any prompts/ issues? Thanks
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 70%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 11%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJZ%3C/text%3E%3C/svg%3E)
1 answer
Azure connector
Hi, my org has set a service account up for using azure connector, it has now come to light that the password is no where to be seen. if this password is reset, is it a case that ad sync is stopped until the new password is updated in sync settings? It…
1 answer
Remove last Exchange server from hybrid environment
Hi, We are Company of 10K mailboxes, and now we haves moved our mailboxes to Office 365, there are no mailboxes in on-prem Exchange. Just being used for Hybrid configuration and SMTP relay. Now we are planning to remove the last server from our…
asked 2024-04-04T21:14:40.37+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 51%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERG%3C/text%3E%3C/svg%3E)
Rohit Ghosalkar
0
Reputation points
commented 2024-04-11T06:50:39.94+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Akhilesh
4,540
Reputation points Microsoft Vendor
1 answer
How to check if any application uses the IDP-initiated login endpoint in ADFS
Hello everyone, for security reasons, I want to disable the https://domain.com/adfs/ls/idpinitiatedsignon.aspx endpoint in the ADFS proxy servers. However, I need to make sure that no application is using IDP-initiated logins from the external network…
asked 2024-04-08T10:10:26.6966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 92%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJO%3C/text%3E%3C/svg%3E)
João Vitor Rosa
0
Reputation points
answered 2024-04-09T08:58:39.2733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 44%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECD%3C/text%3E%3C/svg%3E)
Claudia Dos Santos Haz (CONCENTRIX CORPORATION)
695
Reputation points Microsoft Vendor
0 answers
Failed to create AzureadKerberos (Cloud Kerberos Trust)
We are trying to establish cloud Kerberos trust to enable WHFB in our environment. However, it is giving below error. It gives error at command Set-AzureADKerberosServer. Any advise and suggestion will be highly appreciated. We have followed below…
asked 2024-04-08T11:22:38.92+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 78%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Ritesh Sharma
256
Reputation points
asked 2024-04-08T11:22:38.92+00:00
Ritesh Sharma
256
Reputation points
1 answer
Azure Active Directory (AAD) authentication or aad B2C authentication within a PHP application
My PHP application, which is built on WordPress, currently utilizes WordPress AAD authentication with client ID and client secrets. However, I am looking to discontinue the use of client secrets. Presently, I am using the functionality available on…
asked 2024-03-29T11:58:05.8533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 9%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
Arun Pradhan (MINDTREE LIMITED)
0
Reputation points Microsoft Vendor
commented 2024-04-08T04:50:48.49+00:00
Arun Pradhan (MINDTREE LIMITED)
0
Reputation points Microsoft Vendor
0 answers
Work Folders with AD FS and Web Application Proxy (WAP) - ERROR-ID 0x80072efe
DC, WF, ADFS, WAP - Win Std. 2022 The configuration does not work with an MS WAP. --> https://learn.microsoft.com/en-us/windows-server/storage/work-folders/deploy-work-folders-adfs-overview I get the following error after successfully logging in. It…
asked 2024-04-04T09:29:17.5266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 74%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETS%3C/text%3E%3C/svg%3E)
Thomas Schäfer
6
Reputation points
edited the question 2024-04-06T14:11:17.7166667+00:00
Thomas Schäfer
6
Reputation points
1 answer
Work Folders with AD FS and Web Application Proxy (WAP) - ERROR-ID 0x80072efe
DC, WF, ADFS, WAP - Win Std. 2022 The configuration does not work with an MS WAP. --> https://learn.microsoft.com/en-us/windows-server/storage/work-folders/deploy-work-folders-adfs-overview I get the following error after successfully logging in. It…
asked 2024-03-31T17:06:38.6366667+00:00
Thomas Schäfer
6
Reputation points
edited the question 2024-04-06T14:10:31.65+00:00
Thomas Schäfer
6
Reputation points
0 answers
ADFS integration with AWS loadbalancers
Hi, i am trying to integrate ADFS server behind AWS load balancers. Proxy server behind application load balancer and ADFs farm server behind network load balancer however i am getting a 502 bad gateway error. Any suggestions?
asked 2024-04-02T07:47:11.7466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 16%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERC%3C/text%3E%3C/svg%3E)
Rohan choudhary
26
Reputation points
edited the question 2024-04-02T07:50:47.9833333+00:00
GitaraniSharma-MSFT
46,761
Reputation points Microsoft Employee
0 answers
Issue with locating templates on CAserver
I am running Windows Server 2012 R2 and trying to access the webpage http://localhost/certsrv/certrqxt.asp to request a certificate. However, when I try to select a certificate template, I get an error message saying that the CAserver cannot find any…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 59%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
1 answer
Enquiry on ADFS event ID MSIS8022 and Using DUO Authenticator for primary authentication
Hi all, We are trying to use DUO Authenticator for primary authentication as we would try using it to replace traditional form based authentication (Passwordless). We have tried testing it with our Shibboleth service provider through SAML2…
asked 2024-03-25T08:21:32.47+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 69%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPF%3C/text%3E%3C/svg%3E)
Patrick Fung
0
Reputation points
answered 2024-03-28T07:14:19.3333333+00:00
Patrick Fung
0
Reputation points
1 answer
SMTP AUTHentication is not working after federation of domain configured
after the federation of my domain, the users, who were able to send mail before the federation via SMTP AUTHENTICATION like printers, and firewalls etc, CAN't send emails anymore. the error is: 535 5.7.139 Authentication unsuccessful, the user…
asked 2024-01-06T07:14:49.32+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 57.99999999999999%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYU%3C/text%3E%3C/svg%3E)
Yusuf Uzunay
0
Reputation points
commented 2024-03-22T20:05:57.5866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 51%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERE%3C/text%3E%3C/svg%3E)
Ron Eckert
0
Reputation points
1 answer
One of the answers was accepted by the question author.
can we migrate unregistered active directory domains(.local) to azure entra id
I want to migrate .local domain which is not registered to azure entra id
asked 2024-03-18T09:02:16.1433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 50%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHP%3C/text%3E%3C/svg%3E)
Harsha Parasa
20
Reputation points
accepted 2024-03-21T10:00:20.0466667+00:00
Harsha Parasa
20
Reputation points
0 answers
ADFS Custom Primary Authenticator triggers MSIS8022 when user input invalid username
We are developing a custom authenticator for ADFS 2019 and intend to make it work as primary authentication method in Paginated theme. We found that when user input an invalid upn as username and choose our custom authenticator, an error message…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 86%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBL%3C/text%3E%3C/svg%3E)
2 answers
One of the answers was accepted by the question author.
What ports are require to open between ADFS and WAP
I am going to implement new Azure AD tenant. My primary authentication method will be ADFS and PHS as backup method. For example, the servers name are as below ADFS name- ADFS01 WAP name- WAP01 Connect sync name- AADC01 Please can you help provide me…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 76%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
0 answers
ADFS WAP Redirects to Backend URL on Successful Logon
I have a domain mydomain.local and an ADFS Server adfs.mydomain.local. I've published by ADFS directly and also using WAP with external URL adfs.mydomain.com and backend URL adfs.mydomain.local. When I access the application, I get ADFS Web Form…
asked 2024-03-19T19:43:21.7+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 6%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM6%3C/text%3E%3C/svg%3E)
MohammedIsmailShareef-6405
0
Reputation points
asked 2024-03-19T19:43:21.7+00:00
MohammedIsmailShareef-6405
0
Reputation points
0 answers
How to migrate a Relying Party Trust in ADFS for Office 365 (EntryID) to a new Forest
We need to migrate ADFS (>5 years old) from an old AD forest to the new Forest. We use ADFS, among other things, for SSO with custom domains for EntraID. For federation and creating the relying party with EntraID (Office 365 / Microsoft 365) I used to…
asked 2024-03-14T15:29:21.0033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 57.00000000000001%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMZ%3C/text%3E%3C/svg%3E)
Michael Zahneißen
0
Reputation points
commented 2024-03-18T15:37:52.6066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Givary-MSFT
27,491
Reputation points Microsoft Employee
0 answers
Why Entra joined machine need certificatemixed endpoint in ADFS ?
According to this https://learn.microsoft.com/en-us/entra/identity/devices/device-join-plan#federated-environment in ADFS certificatemixed endpoint need to be enabled . Entra Joined machine does not have MFA during machine login and it uses only user…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 61%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
3 answers
Federation Service Error with Secuirty Event 4625
I got new ADFS service in Domain A and served forest trusted Domain B . The federation service get hung frequently for Domain B only , user logon process wiill roll back to the login page without any error message. Meanwhile, the federation service to…
asked 2022-11-18T05:29:27.193+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 48%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
斌 陈
1
Reputation point
answered 2024-03-14T08:58:29.46+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 28.999999999999996%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETG%3C/text%3E%3C/svg%3E)
Thomas Gabel
0
Reputation points
1 answer
AD FS Tracing/Debug Event 153 - None of the UPNs were successful for S4U Logon call
While trying to login on ADFS page login page, page get refresh and ask for login again (ADFS login loop). When I checked event log in AD FS Tracing/Debug I am getting event 153 with message "None of the UPNs were successful for S4U Logon…
asked 2023-01-11T14:34:32.6466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 61%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVD%3C/text%3E%3C/svg%3E)
Vaman D
5
Reputation points
answered 2024-03-12T09:35:45.7633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 46%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJJ%3C/text%3E%3C/svg%3E)
James, Jonathan
0
Reputation points