Questions tagged [adfs]

Microsoft Active Directory Federation Service is an identity federation technology that provides single sign on access to web services and web applications using WS-* and SAML.

Microsoft Active Directory Federation Service is an identity federation technology that is compliant with industry standards such as WS-* and SAML 2.0. ADFS allows organizations to use claims-based access to web applications/services and provide single sign-on (SSO) access to web applications. As ADFS is based on industry standards, interoperability with 3rd party federation technology is possible.

The initial version (ADFS 1.0) was shipped from Windows Server 2003 R2 onwards and is available in-box as of Windows Server 2008 R2. The latest version (AD FS 2.0) however is an out-of-band release that can be downloaded from http://www.microsoft.com.

More details are available from http://www.microsoft.com/windowsserver2008/en/us/ad-fs-2-overview.aspx

Claims based identity and access is explained at http://msdn.microsoft.com/en-us/library/ff423674.aspx

IT pro specific content is available from http://social.technet.microsoft.com/wiki/contents/articles/2735.aspx

365 questions
1
vote
0 answers

ADFS Claim Rule - Using ObjectClass

I am attempting to create a custom claim rule in ADFS but I am at a loss as to how to do it. I have the following for users in my AD: ObjectClass = PrivatePerson Attribute = PrivatePersonAttribute1 I need to be able to return the value for the…
Ted Joffs
  • 11
  • 2
1
vote
0 answers

ADFS with Group Policy from AD

My question: Is it possible to enforce Group Policy into Active Directory Federation Service? I have ADFS, Web application proxy and a web server. I wish to configure it so that a user who logs into the ADFS via the web page can be enforced with a…
xxestter
  • 131
  • 3
1
vote
0 answers

ADFS + Google: login credentials could not be verified

We migrated to the G-Suite Gmail last year, everything was working normally. AD FS page is running on windows server 2k12. Since yesterday google could not validate credentials => AD FS page login successfully, but google G-Suite print error: Login…
1
vote
0 answers

ADFS configuration fails with 'The server is unwilling to process the request'

I am trying to configure ADFS on Windows Server 2016. I followed a bunch of guides online and managed to set up the Directory Service, and Certificate Service. When I try to finish post-deployment configuration for ADFS, the setup fails with the…
elssar
  • 113
  • 9
1
vote
1 answer

ADFS is able to load uninstalled DLL from GAC (global application cache)

I am using gacutil to install / uninstall a .dll file on Windows Server. When I run the sh Register-AdfsAuthenticationProvider -TypeName "MFAadapter.MyAdapter, MFAadapter, Version=1.0.0.0, Culture=neutral, PublicKeyToken=d8adf87d2f36ce35,…
anekix
  • 111
  • 5
1
vote
1 answer

Why can't I transform this claim with AD FS?

I have an IP-STS which is issuing a claim that contains an ampersand. Using AD FS on a claims provider trust, I can't seem to transform it. If I remove the ampersand from the claim, it transforms correctly. What is the correct syntax to transform…
Mitch
  • 2,363
  • 14
  • 23
1
vote
0 answers

ADFS: Show active sessions and logout users from server

To develop and test a single sign-on ADFS solution, we have set up a Windows 2012 server with ADFS. The single sign-on process now works, and it is possible for our service (acting as a Service Provider) to authenticate with this ADFS-server (acting as…
JeroenHoek
  • 111
  • 2
1
vote
1 answer

Should the AD FS Federation metadata for a Relying Party Trust be publicly accessible?

If I am a relying party, I can expose federation metadata to ease configuration for AD FS so I can import it into the Create a Relying Party Trust wizard. I can also choose to enable automatic updates so AD FS checks this file regularly. This file…
Melvin
  • 111
  • 2
1
vote
1 answer

setting up ADFS without SSL certificate

I want to know if it's possible to set up ADFS on a domain controller without having to use an SSL certificate, and if you must use one, is it possible to have one created/validated for free?
Matthew
  • 135
  • 10
1
vote
2 answers

Use specific claims provider trust for a specific application group

I have a Windows Server 2016 on which I am using ADFS. I followed the link at https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configure-ad-fs-to-authenticate-users-stored-in-ldap-directories to configure LDAP (AD LDS) as…
1
vote
1 answer

Is it possible to revoke or invalidate a refresh token in ADFS 4 (ADFS 2016)?

I have searched the documentation and I don't find how or if it is possible to revoke a refresh token in ADFS 4 (ADFS 2016). I'm worried about what may happen if a malicious user steals a refresh token that has an expiry time of 1 year for example.
1
vote
1 answer

ADFS Event 329 - Certificate Could Not Be Decrypted

Using MS scripts, I attempted a migration of an ADFS 2.0 configuration (on Windows 2008R2) to a new ADFS server (Windows 2016) server. I have warnings in my event log that seem to be linked, via the thumbprint in the error, to the token-decrypting…
alphadogg
  • 285
  • 4
  • 17
1
vote
1 answer

OSname equals Microsoft Windows Server 2012 R2 Standard but AdfsVersion equals 2.0. How can this be? What to do?

Excerpted results from PowerShell query: PS C:\Windows\system32> Get-AdfsSystemInformation OSVersion : 6.2.9200.0 OSName : Microsoft Windows Server 2012 R2 Standard MachineType : VMware Virtual…
David
  • 11
  • 2
1
vote
1 answer

Shibboleth SP 2 and ADFS sha1 to sha256

With shibboleth SP 2, I need to configure ADFS (as IdP) in advance tab SHA-1 algorithm to work fine. If I configure in ADFS SHA-256 hash algorithm, I get an error in ADFS event log, that SP responds with SHA-1 algorithm. My stack OpenSSH,…
Mr_Thorynque
  • 141
  • 6
1
vote
1 answer

ADFS Still Active but Office 365 Domains Aren't Federated

I've inherited a network where at some point the company had both Dirsync with ADFS and Azure AD Connect running at the same time. I don't know what harm this may have caused. Dirsync was then removed. Azure AD Connect was uninstalled, reinstalled,…
Brandon
  • 39
  • 2
  • 4