1,218 questions with Active Directory Federation Services tags
Joining new AD FS Windows Server 2019 to the old AD FS 2012 R2 farm - SPN/SOAP issues
Hello, I work with environment where I have really old setup. I tried to perform not recommended in-place upgrade, it succeed on a few common machines but it's different with AD DC... Due to complication I decided to create new DC and migrate overtime…
Joining new AD FS Windows Server 2019 to the old AD FS 2016 farm - SPN/SOAP issues
Hi I am getting issue when I am trying to add new adfs server to adfs farm, below is the issue I am getting. Please help. SOAP security negotiation with 'serverName/adfs/services/policystoretransfer' for target…
How to disable Teams from using logged in user's credentials for ADFS
Hi, Currently we have two separate domains and would like the users on domain2 to be able to log into a teams account on another domain1. We have the user enter the credentials for domain1 but when we have them attempt this they get the…
SSO for Grafana with AzureAD Authentication Using Client Certificates Instead ClientID/ClientSecret
I'm trying to set up Grafana with SSO authentications- I have all the relevant endpoints to configure SSO and test it successfully but recently i was asked to not to use Client_ID/Client_Secret as shown below due to some security…
SAML Query to Active Directory - LDAP performance Challenges
In my environment, User authentication to a critical application is happening through ADFS SAML query. In the SAML query in turn do query to AD. Now we are getting auth failure in application due to slow response from AD as mentioned by application team.…
Assistance Needed: Checking DNS Propagation Delay, Zone Locks, and File Locks in Active Directory
Dear Expertise, I'm seeking assistance with a few aspects of Active Directory management and troubleshooting. Specifically, I need guidance on how to check and address the following issues and best practice: DNS Propagation Delay: I'm looking to…
ADFS Authentication Issue in .Net 8
I have an existing ASP.NET MVC application that relies on ADFS authentication. I'm currently upgrading it to .NET 8. As part of the upgrade process, I prioritized implementing the authentication functionality first. However, I'm encountering an issue…
Automatic Sign On with Windows credentials in ADFS for Domain joined computers
Dear All, In our organization we activated an AD FS server (Windows Server 2022) and we have a SAML 2.0 Service Provider authenticating with it. Every time we open Edge for the first time in the day and try to access this service provider, it redirects…
Sharepoint 2019 on prem with Office Online Server and ADFS, connection was reset for some domains
Hi, Environment: Air gapped system with connection to few domains; Sharepoint 2019 Enterprise on prem with ADFS (no NTLM auth); LDAPCP plugin; MS Office 2016; Office Online Server 2016 published through WAP with passthrough settings; ADFS (LAN)…
What are the benefits of the existing single forest AD Domain to convert or upgrade the AD Domain Controllers from FRS to DFSR?
What are the benefits of the existing single forest AD Domain to convert or upgrade the AD Domain Controllers from FRS to DFSR? https://video2.skills-academy.com/en-us/windows-server/storage/dfs-replication/migrate-sysvol-to-dfsr FFL & DFL: Windows Server…
Future cloud id log on may minimise codes and authentication times
After 20 plus years of fighting to keep up with the software hardware revolution I am pragmatic about the softening and less mentally draining functionality we are beginning to see with AI development, cloud services, faster speeds, internet expansion,…
ADFS service start failure
Dear Experts, We are not able to restart adfs service after activating new SSL certificate with "Set-AdfsSslCertificate -Thumbprint 'XXXXXXXXXXXACF1D94XXXXXXXXXXXXXXXXX" command. Below is the error we receive: on…
Slow LDAP Query Response. AD LDAP Performance Tuning Analysis
In our environment we are getting application authentication failure through ADFS-SAML. While ADFS is doing LDAP query from AD, AD is responding slow to ADFS with query output data, which causing either delay in authentication or failure(time-out). Here…
Unable to access Azure AD SAML mobile app in android 8.0 mobile device
We have an Azure AD enterprise app which supports SAML protocol for authentication. The app is working fine when accessed from system's browser, mobile device browser or when installed on personal Android /iOS device. However, when the same app is…
Unable to verify token signature. The signing key identifier does not match any valid registered keys.
getting this below error for all new starter, and if we change the password on old user they are not able to login on O365. Sign-in error code 5000811 Failure reason Unable to verify token signature. The signing key identifier does not…
Cannot enable Staged Rollout from Federation to PTA
We are currently federated to Entra ID with ADFS on premises. We are attempting to run the staged rollout feature with PTA and seamless sign on. Following this article: …
ADFS 4.0 2016 - can't view/browse "..federationserverservice.asmx" locally an external
After a fresh installation of ADFS on Server2016 I'am not able to open the following Url locally on the ADFS Server: https://<ADFS-FQDN>/adfs/fs/federationserverservice.asmx IE -> This page can’t be displayed Chrome -> This site can’t…
Remove last Exchange server from hybrid environment
Hi, We are Company of 10K mailboxes, and now we haves moved our mailboxes to Office 365, there are no mailboxes in on-prem Exchange. Just being used for Hybrid configuration and SMTP relay. Now we are planning to remove the last server from our…
windows hello for business On-Premises deployment error event
I try to deploy the on-prem HfB. We are running at domain function level of 2012R2. The single AD FS server runs 2019. I followed exactly the microsoft guide. But when I start my domain PC, the enroll process never happen. Here is the event 1021 messge…
Issue connecting Azure Windows Server VM to Blob Storage File Share
I am having trouble connecting my Azure Windows Server VM to a Blob Storage File Share, where 25 users have been assigned permission. I have been troubleshooting this issue for the past 5 days and cannot seem to resolve it. Can anyone help me with this…