Questions tagged [adfs]

Microsoft Active Directory Federation Service is an identity federation technology that provides single sign on access to web services and web applications using WS-* and SAML.

Microsoft Active Directory Federation Service is an identity federation technology that is compliant with industry standards such as WS-* and SAML 2.0. ADFS allows an organization to use claims-based access to web applications/services and provide single sign-on (SSO) access to web applications. As ADFS is based on industry standards, interoperability with 3rd party federation technology is possible.

The initial version (ADFS 1.0) was shipped from Windows Server 2003 R2 onwards and is available in-box as of Windows Server 2008 R2. The latest version (AD FS 2.0), however, is an out-of-band release that can be downloaded from http://www.microsoft.com.

More details are available from http://www.microsoft.com/windowsserver2008/en/us/ad-fs-2-overview.aspx

Claims based identity and access is explained at http://msdn.microsoft.com/en-us/library/ff423674.aspx

IT pro specific content is available from http://social.technet.microsoft.com/wiki/contents/articles/2735.aspx

365 questions
0 votes, 1 answer

IDP initiated SSO does not work on Win server 2016

I am trying to set up IdP initiated SSO on Windows Server 2016. I have configured the Relying party trust and the claim rules as well. I enabled the IdP Sign on page following -…
0 votes, 1 answer

Can we add other password service like password hash as backup for ADFS?

I have configured ADFS password authentication. Now I have a question: if ADFS goes down for any reason, how do I cope with this situation? What steps do I need to add other password authentication service as backup for ADFS?
Sid
0 votes, 0 answers

ADFS certificate-based authentication using machine (not user) certificates

I have an environment running Windows 2012 R2 ADFS. We've set up certificate-based authentication using client certificates (user certificates) and it's working as expected. They would like to use machine certificates instead of user certificates…
0 votes, 0 answers

SAML with mod_auth_mellon results in error: Error processing authn response. Lasso error: [-432]

I have an issue with implementing SSO against ADFS with an Apache HTTPD Webserver using mod_auth_mellon. The error I get after authentication has actually succeeded is: Apache HTTPD returns an HTTP 401 (Unauthorized: This server could not verify…
0 votes, 1 answer

Configure ADFS to allow access for server application and apply authentication policy

My goal is to delegate authentication from my OIDC Identity Provider (using Identity Server 4) to an ADFS. In ADFS I would like to configure as well that MFA has to be used in that scenario. According to the docs and my interpretation I created a…
0 votes, 1 answer

ADFS 4.0 IDPinitiatedSignOn Page Error: HTTP 400 - Bad Request (Request header too long)

We are facing an issue with our WHFB enrollment process. The ADFS server Windows Integrated login process is throwing error: HTTP 400 - Bad Request (Request header too long). The issue is limited to one user at this point of time ADFS…
IshRaj
0 votes, 1 answer

WHfB - Hybrid Certificate Trust - Failed provisioning

After setting up Windows Hello for Business, in a Hybrid Azure AD joined Certificate Trust Deployment scenario, I ended up with the following events in my test client machine after a failed provisioning. I reviewed my setup, but I must be missing…
0 votes, 1 answer

how to handle mixed domain (onprem and oncloud users)

I need to set up ADFS to activate SSO for an application. We need to use ADFS because we have more tenants and subdomains. But my problem is that we have some users existing only in cloud but not on-premise, so they will not log on anymore on…
nomis bz
0 votes, 1 answer

ADFS not receiving role information for some users

Our ADFS is no longer able to retrieve role information from Active Directory for some of our users. Two things happened around the time this issue started. The first was that the ADFS anchor claim type was changed from WindowsAccountName to UPN. …
Nick Sarabyn
0 votes, 1 answer

Is there a claim type in ADFS that states if the authentication was performed on the private or public interfaces?

Although I don't recall the correct terminology, my understanding is that a particular relay application may be provisioned separately for intranet only, or both intranet and internet. I would be interested to pass the information about which of the…
user2123288
0 votes, 1 answer

Obtain NameIdentifier (sub) in AD FS

I would like to obtain the sub (NameIdentifier) of a user for an AD FS application in order to allow him to identify in an application's user table. https://docs.microsoft.com/en-us/azure/active-directory/develop/id-tokens#using-the-id_token This is…
carraua
-1 votes, 1 answer

What is difference between Active Directory Federation Services and Webserver IIS?

In the Windows world, IIS is used to deploy a website or application and while going through ADFS links from Google I got a feeling that it's also allowing users to access web applications. What's the difference between the two of them, while logging…
-1 votes, 1 answer

Purpose of "secure hash algorithm" option in ADFS relying party properties

What does the "secure hash algorithm" option specified in the Advanced tab of the ADFS relying party trust properties actually affect? Is it a security problem that SHA1 is one of the options? If not, why not? Screenshot: ADFS relying party…
Andrew M
-1 votes, 1 answer

ADFS/SSO on an AWS EC2 Linux server

I have a website running on an AWS Linux EC2 instance with a Cpanel/WHM installation. Until now the website was protected by a single password, but I was asked to implement the company's Single Sign On. We have ADFS 2.0 and Azure AD. We have some…
Gary
-1 votes, 1 answer

ADFS 403 Error On login page

I just installed ADFS on my Windows Server 2012 and I am getting stuck. If I go to https://mail.mywebsi.te/adfs/ls I instantly get a 403 error without it actually showing the Default login screen. With kind of regards, EnderWolf
EnderWolf