Hello,
The issue has been solved!
As described, he forms was different if I compare prod & lab.
We implemented custom themes, and our custom theme had many issues on our prod environment. It was a critical issue.
We choose to use a security feature "allowAdditionalAuthenticationAsPrimary". It's very interesting.
If you turn to $true, the form page is different.
We used 2 directories (AD & OpenLDAP), with organizationalAccountSuffix definition (for HRD page). With this configuration and AllowAdditionalAuthenticationAsPrimary turned to $true, there are some bugs.
My solution is:
- specify organizationalAccountSuffix FOR EACH claim provider,
- Disable AllowAdditionalAuthenticationAsPrimary (Set-AdfsGlobalAuthenticationPolicy -AllowAdditionalAuthenticationAsPrimary $false)
- if custom themes, re-apply the right theme (when you change parameter, default theme is applied (?!))