Questions tagged [adfs]

Microsoft Active Directory Federation Service is an identity federation technology that provides single sign on access to web services and web applications using WS-* and SAML.

Microsoft Active Directory Federation Service is an identity federation technology that is compliant with industry standards such as WS-* and SAML 2.0. ADFS allows an organization to use claims-based access to web applications/services and provide single sign-on (SSO) access to web applications. As ADFS is based on industry standards, interoperability with 3rd party federation technology is possible.

The initial version (ADFS 1.0) was shipped from Windows Server 2003 R2 onwards and is available in-box as of Windows Server 2008 R2. The latest version (AD FS 2.0), however, is an out-of-band release that can be downloaded from http://www.microsoft.com.

More details are available from http://www.microsoft.com/windowsserver2008/en/us/ad-fs-2-overview.aspx

Claims based identity and access is explained at http://msdn.microsoft.com/en-us/library/ff423674.aspx

IT pro specific content is available from http://social.technet.microsoft.com/wiki/contents/articles/2735.aspx

365 questions
0 votes, 0 answers

AD FS SP forcing custom AuthnRequest

AD FS Error: Exception details: Microsoft.IdentityServer.Service.Policy.PolicyServer.Engine.UnknownAuthenticationTypePolicyException: MSIS3305: None of the AuthenticationContext class references specified in the SAMLP request is supported by the…
Mikkel
0 votes, 0 answers

TransientServiceErrorException trying to call Update-MsolFederatedDomain

I am trying to migrate from an older 2012 R2 server with ADFS to a newer 2019 ADFS farm. Years ago, I followed the MS guides to federate with Office 365, and it has been working fine with the older server. Now I want to update Office365 to use our…
Chuck Herrington
0 votes, 0 answers

ADFS Claims Provider not receiving username/email

I have an on-prem ADFS setup as below with SAML2: SP <=> ADFS <=> IDP. When the SP initiates an authentication, the client can redirect to the IDP (configured as a Claims Provider) and authenticate himself. However, I need to pass any form of client…
Sency
0 votes, 0 answers

SSO for website for external domain

A client would like to set up SSO from their domain to my hosted website. They have suggested using ADFS. I have a single server hosting ADUC, ADFS and IIS in, let's say, fs.mydomain.com which is hosting a website which needs to keep track of logged…
0 votes, 0 answers

ADFS and ColdFusion setup regarding certificate

I am so confused about this certification involvement between CF and ADFS talk. When we click on "Generate SP" on ColdFusion administrator, it does create a .p12 file but on the ADFS side, it only accepts a .cer file. So not sure how should I…
user282823
0 votes, 2 answers

ADFS as proxy to some IDP

As far as I know, Exchange does support WS-Federation, but it does not support SAML. At the same time I have IDP that does support SAML, but does not support WS-Federation. Is it possible to configure ADFS as proxy? For example: Exchange OWA/ECP ->…
Oleksii
0 votes, 2 answers

Connection reset for HTTPS on ADFS

I have set up a Windows server in VirtualBox with a host-only network as a lab environment. I have a problem accessing HTTPS from the host-only network. I have set up a domain controller and ADFS on a Windows Server 2019 using a self-signed…
0 votes, 1 answer

Can't set up AD FS with SimpleSAMLphp, where do I get the metadata?

I'm following this article to set up AD FS SSO with PHP: https://stratbeans.medium.com/how-to-integrate-active-directory-in-php-application-for-sso-22eb62b6b866 I've successfully set up nginx + php-fpm on Ubuntu 20.04, and I'm stuck here: Where can I…
daisy
0 votes, 1 answer

Domain joined WAP in DMZ

To date, I've only ever used ADFS for claims aware applications. I'm now looking at using it for some non-claims aware applications. I've read that the WAP server must be domain joined for this so that it can perform Kerberos constrained…
Steve
0 votes, 1 answer

SAML 2.0 NameIDPolicy that was not satisfied by the issued token

I am working on a SAML integration with some monitoring software, but I keep receiving the MSIS7070 error below. I have tried numerous transform combinations with no luck. I am certain this is something relatively easy to fix, but my AD FS knowledge…
0 votes, 1 answer

ADFS: Some Users Cannot Sign-In

I have a new ADFS implementation running on Server 2019. After setup, I tested authentication for various user accounts using the /adfs/ls/IdpInitiatedSignon.aspx. Most of the accounts I tested worked fine with no issues. There are a few accounts,…
Jeremy
0 votes, 1 answer

Migrating from Azure AD SSO authentication to ADFS

We have a customer with the following setup: on-prem Active Directory with Azure AD Connect and Password Hash Sync (PHS) including SSO activation; SSO for all M365 apps; integration of about 15 different external Cloud Apps, which Trust…
VJSpeter
0 votes, 2 answers

How do I convert a multi-value SAML attribute to a single-value string in ADFS?

I previously asked a similar question about doing this in Azure AD. However, I've come to the conclusion that it is probably too limited to do this and I received no answers. However, in ADFS there is a lot more flexibility. I want to convert an…
Appleoddity
0 votes, 1 answer

Azure - ADFS internal load balancer. Is this required when using WID?

My understanding of using WID is only one server is the primary ADFS and this has write access to the DB only. Therefore, why is an internal load balancer required? The failover is a manual process. I can see why this would be useful when using SQL…
0 votes, 0 answers

ADFS 2016 SSL certificate issue?

I'm running a Windows Server 2016 Active-Passive ADFS server; the below issue is happening on the passive node. AD domain is single AD domain: domain.com. The same wildcard SSL certificate has been imported successfully to the other ADFS 2016 servers…
Senior Systems Engineer