Questions tagged [adfs]

Microsoft Active Directory Federation Service is an identity federation technology that provides single sign on access to web services and web applications using WS-* and SAML.

Microsoft Active Directory Federation Service is an identity federation technology that is compliant with industry standards such as WS-* and SAML 2.0. ADFS allows an organization to use claims-based access to web applications/services and to provide single sign-on (SSO) access to web applications. Because ADFS is based on industry standards, interoperability with third-party federation technology is possible.

The initial version (ADFS 1.0) was shipped from Windows Server 2003 R2 onwards and is available in-box as of Windows Server 2008 R2. The latest version (AD FS 2.0), however, is an out-of-band release that can be downloaded from http://www.microsoft.com.

More details are available from http://www.microsoft.com/windowsserver2008/en/us/ad-fs-2-overview.aspx

Claims based identity and access is explained at http://msdn.microsoft.com/en-us/library/ff423674.aspx

IT pro specific content is available from http://social.technet.microsoft.com/wiki/contents/articles/2735.aspx

365 questions
2
votes
1 answer

ADFS - How to be specific on a groups claim

How do you specify a particular set of groups to look for and return in the ADFS authentication rather than searching for and returning all a user's groups in the response message? This is a question in response to an answer given by Jim B for this…
AJC
2
votes
3 answers

AD FS 3.0 Event ID 364 while creating MFA (and SSO)

I have a clean installation of AD FS 3.0 installed on Windows Server 2012. I am trying to create MFA on my internal network using this Codeplex. AD FS Management > Authentication Policies Multi-factor locations: Intranet Selected Multi factor…
djl
2
votes
1 answer

AD FS Setup Issue on 2012 R2 Domain Controller

I am trying to run the Add-KdsRootKey command on a 2012 R2 domain controller for AD FS setup and am receiving the following error: Add-KdsRootKey : The specified domain either does not exist or could not be contacted. (Exception from…
user259840
2
votes
0 answers

Working ADFS Web Application Proxy. No SSO from web browser to MSOFBA

We're implementing a Web Application Proxy (WAP) on Windows Server 2012 R2 for our organisation to replace the authentication/SSO features of TMG. Currently we have a working WAP with SSO for: - SharePoint 2013 - Outlook - Office 365 - several other…
2
votes
1 answer

Creating custom AD claims in ADFS v1.x

I'm sorry if this is an uneducated question, but I'm growing a bit desperate here. At work, we have a few customers that are still using ADFS versions prior to 2.0 which went the SAML2 route, and I'm trying to create support for WebSSO using those…
2
votes
1 answer

Office 365/ADFS Configuring aliases under different domains

We have Office 365 with ADFS for our domain (let's say domain.org) currently. We're considering converting about 150 users to it, all of whom currently have email via an Exchange server on a different email domain (otherdomain.com). We want these…
SausageBuscuit
2
votes
1 answer

Getting Nested User groups in ADFS

Trying to get all of the groups and nested groups for a user when authenticating with ADFS. Basically I have a structure like this: group1 -> subgroup1, subgroup2; group2 -> subgroup3, subgroup2; group3 -> subgroup1, subgroup4. If I add Group1 and…
Bob The Janitor
2
votes
2 answers

Do I really need an account in domain\administrators for the Web Application Proxy with ADFS 3.0 on a domain controller?

I am trying to move my ADFS / WAP to the cloud to give better resilience after experiencing a recent failure. In part to save on VM costs, I am using just 2 VMs, with ADFS installed on a domain controller, and the WAP on a separate machine. It seems…
2
votes
1 answer

How to handle (and test) hybrid multi-forest with Office365

Let's say we have two domains: contoso.com and fabrikam.com. Both have: two UPNs (.local and .com) Then: Contoso.com have Lync servers on-premise. Exchange, Sharepoint 2013 and Azure AD on Office365 (E1 licensing). Fabrikam.com have AD and…
Brice
2
votes
2 answers

Configuring ADFS to pass SID as claim

I have a system where we are using ADFS as the identity provider to provide single sign-on with a WIF-based .NET application. All works well and we are able to pass all claims as we need; for example, here is the rule to pass the last name: c:[Type ==…
Sebastian K
2
votes
1 answer

AD Forest/Domain Functional Rollback with DirSync/ADFS in place

At our main site we are running at 2012R2 (forest/domain) functional level and we currently have migrated our mailboxes to Office 365 using an Exchange hybrid configuration with ADFS and DirSync. We are actually planning to deploy RODCs in some of…
2
votes
1 answer

ADFS 3.0 Microsoft.IdentityServer.RequestFailedException: MSIS7012:

Could someone help me out with ADFS? This is my first time using it as I'm setting up Microsoft Dynamics. I get the following error message: Encountered error during federation passive request. Additional Data Protocol Name: wsfed Relying…
2
votes
1 answer

ADFS Relying Party - endpoint configuration

I'm working on setting up a lab environment with two Windows Server (virtual) machines that cooperate in an AD FS configuration. WIN-TORHJGJ7N: Windows Server 2012, running AD FS 2.0. Also the domain controller. ADFSSERVERPROXY: Despite its name,…
Honoki
2
votes
2 answers

ADFS 2.0 on Windows Server 2012 R2

Wanted to know if ADFS 2.0 can be installed on Windows Server 2012? The below link says it can be installed and gives command to install but that command fails throwing the error 'ad-federation-services' is a invalid…
Sandeep S
2
votes
1 answer

ADFS SSO - LDAP Attributes as Claims - UPN as NameID - NameID Missing from SAML Response for users whose UPN is changed

ADFS SSO setup with Salesforce which uses UPN as NameID, has following configuration ADFS. Claim Rule Template: Send LDAP Attributes as Claims Claim Rule Name: Send the UPN as NameID LDAP Attribute: User Principal Name Outgoing Claim Type: Name…