Questions tagged [adfs]

Microsoft Active Directory Federation Service is an identity federation technology that provides single sign on access to web services and web applications using WS-* and SAML.

Microsoft Active Directory Federation Service is an identity federation technology that is compliant with industry standards such as WS-* and SAML 2.0. ADFS allows an organizations to use claims based access to web applications/services and provide single sign on (SSO) access to web applications. As ADFS is based on industry standards, interoperability with 3rd party federation technology is possible.

The initial version (ADFS 1.0) was shipped from Windows Server 2003 R2 onwards and is available in-box as of Windows Server 2008 R2. The latest version (AD FS 2.0) however is an out-of-band release that can be downloaded from http://www.microsoft.com.

More details are available from http://www.microsoft.com/windowsserver2008/en/us/ad-fs-2-overview.aspx

Claims based identity and access is explained at http://msdn.microsoft.com/en-us/library/ff423674.aspx

IT pro specific content is available from http://social.technet.microsoft.com/wiki/contents/articles/2735.aspx

365 questions

votes

2 answers

Using ADFS 2.0 for Google apps single sign on

Microsoft Active Directory Federation Services 2.0 has been recently released, and it has passed interoperability tests for SAML 2.0. Does this mean that is can be used to authenticate users of Google Apps which also uses SAML? Has anyone…

asked May 19 '10 at 19:48

Zoredache

130,897
41
276
420

votes

1 answer

Cannot set CORSEnabled and CORSTrustedOrigins properties on ADFS 2019

The Problem: There are properties in ADFS 2019 that indicate that you can enable CORS Headers for the ADFS Login Page and set the allowed origins. Get-AdfsProperties CORSEnabled : False CORSTrustedOrigins …

adfs cors windows-server-2019

asked Jan 07 '19 at 08:42

Thomas Lazar

votes

1 answer

How to integrate Office 365 with Microsoft on-premise Multi-Factor Authentication?

We purchased Microsoft Multi-Factor Authentication (on-premise). How do I integrate that with Office 365? We have Azure AD Connect syncing on premise AD to Azure. We also have ADFS setup to enable SSO for Office 365. Do I just need to install…

azure microsoft-office-365 adfs

asked Apr 11 '18 at 14:29

Brent Mattson

votes

1 answer

ADFS: Convert SAML Assertion to OAuth Token?

We have Microsoft Active Directory Federation Services (ADFS) as our authentication/federation provider. We use it for performing identity federation via SAML to several external vendors, SaaS providers, etc. In addition, we have several vendors…

authentication adfs saml oauth token

asked Mar 08 '18 at 19:38

Shadowman

votes

1 answer

Can we configure ADFS for IDP initiated SSO

I'm looking for ways of integrating ADFS as a IDP for a SAML2 service provider. I have already configured the SAML2 provider with the verification certificates etc. And we used "Add Relying Party Trust Wizard" to configure ADFS with the details of…

single-sign-on saml adfs

asked Mar 29 '17 at 10:49

Jayantha Lal Sirisena

votes

1 answer

Where do I purchase token signing certificate for ADFS?

We are integrating with ADFS (SAML) with a customer. The customer requires us to obtain token signing certificate, trusted by well known CA. The certificate will be used to sign SAML requests that are sent to IdP. Most of the vendors sell SSL cert…

certificate single-sign-on adfs saml

asked Feb 23 '17 at 23:31

weilin8

votes

3 answers

ADFS Passive Request = "There are no registered protocol handlers"

Im trying to configure ADFS to work as a Claim Provider (I suppose AD will be the identity provider in this case). Just for simple testing, ive tried the following on windows server 2016 machine: 1) Setup AD and domain = t1.testdom (Its working…

single-sign-on adfs windows-server-2016

asked Jan 05 '17 at 06:51

Raheel Hasan

votes

1 answer

Configuring Google Chrome to Connect to AD Configured with Kerberos and Using ADFS

I'm trying to configure Google Chrome (and Firefox) to authenticate using Active Directory tunneled through ADFS SAML/Kerberos Endpoints and an Apache application using Shibboleth. Here are some settings I have inside each machine. Active Directory…

windows-server-2012-r2 kerberos adfs google-chrome saml

asked Dec 29 '16 at 23:37

Franz Noel

votes

2 answers

AADSTS90019 when attempting automatic Azure AD registration of domain-joined Windows 10 device

I am attempting to set up automatic AAD join for Windows 10 as described here: https://azure.microsoft.com/en-gb/documentation/articles/active-directory-conditional-access-automatic-device-registration-setup/ We have two internal ADFS 3.0 servers…

windows-server-2012-r2 microsoft-office-365 adfs azure-active-directory

asked Nov 14 '16 at 15:32

Cameron

votes

2 answers

ADFS error after upgrading from ADFS 2.1 to 4.0

I don't know if anyone has seen this issue or has any ideas? We've recently migrated ADFS from ADFS 2.1 on W2008r2 to ADFS 4.0 on W2016. Basic functionality seems fine but I'm seeing an issue with updating federation metadata with all of my relying…

active-directory adfs windows-server-2016

asked Oct 25 '16 at 13:21

Rob Moir

31,884
6
58
89

votes

2 answers

Security error when adding a secondary ADFS Server

I have created an ADFS server according to the guide on technet. However, when attempting to add a secondary ADFS server using the latter part of this guide on technet, the process fails. PS > Import-Module ADFS PS > $serviceAccountCredential =…

windows-server-2012-r2 adfs

asked Oct 12 '16 at 14:40

Cameron

votes

1 answer

How to move ADFS to new servers?

Environment: an Active Directory forest with multiple domains, several of which are federated with the same Office 365 tenant; directory synchronization is in place, ADFS too. There is a single ADFS server (WS2012R2) and a single Web Application…

microsoft-office-365 adfs

asked Sep 13 '16 at 15:08

Massimo

70,200
57
200
323

votes

2 answers

Office 365 SSO with different internal and external domain names

I'm trying to get SSO to work with Office 365 and Sharepoint online and I'm getting really confused. My internal domain is "internal.com" and my external name is "external.com". external.com is added as a domain in O365, but internal.com is not.…

active-directory microsoft-office-365 single-sign-on adfs azure-active-directory

asked Jul 01 '16 at 01:21

blsub6

1,131
6
25
45

votes

3 answers

List of well known Claim Type

I'm building a single sign-on service using ADFS. I can't find a complete list of claim types (Ex: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier). There are some partial lists on Microsoft's website and the Oasis…

adfs

asked May 12 '16 at 23:33

user1424660

votes

1 answer

ADFS 3.0 Need Powershell command to remove Homelink

I am working on a Microsoft Windows Active Directory ADFS 3.0 (2012 R2 specifically) server. I was testing the Set-AdfsGlobalWebContent -Homelink and -Homelinktext options. I'd like to now remove/blank these out. I've tried using empty quotation…

active-directory windows-server-2012 windows-server-2012-r2 adfs

asked Feb 19 '16 at 17:00

user339468

Prev 1 2

…

24 25 Next