1,218 questions with Active Directory Federation Services tags
Do I need a verified domain to federate applications in Entra ID?
I'm trying to integrate an application with my tenant via SAML. It's one of the applications listed in Entra ID's application gallery. One of the steps required in the tutorial is to verify a domain in the application. As I'm not the owner of the…
How to Bulk Update Users Employee ID from an Excel File on Active Directory using PowerShell
Hi, Does anyone know how to use a script to add employee ID in Active Directory Server using Windows PowerShell? Please help me!!! Thanks
How to deal with Expired Inactive Certificate?
We are using Azure AD for SSO with AWS. We have multiple Enterprise applications showing the status as "Expires soon", "Expired Inactive Certificate" or "Expired". For the "Expired" one, we have selected the new…
Non-active directory users need authentication/SSO
Hi - I'm looking for a license type or service provided that satisfies the ability to have non-active directory employees (ie: seasonal or temp employees) logging into an application via SSO. Is there a way to do this so that you do not have a full O365…
Custom Login without the Microsoft Login Popup
Hi, Our client has a SAP Commerce Cloud (hybris) B2B solution and the login page is currently integrated with another IDP provider. They want to migrate to Azure AD and, using the current login page, want to seamlessly allow the user to log in without the…
Is it possible to bypass the user details prompt for Azure B2C federated login for first-time users?
When an AD user tries to log in through the federated login user flow into the application, they get a user details prompt page. We want to disable this flow for AD users. Team, can you please help me with this?
Please help us customize adfs\ls endpoint in ADFS 5.0
Good day! Currently we are using ADFS 2.0, which has a site hosted at adfs\ls in the same federation service. We customized the adfs\ls site and added a few of our own components. We are in the process of migrating from ADFS 2.0 to ADFS 5.0 and the same…
AADSTS51004: The user account it does not exist in the e8c002ec-e5f4-4a8f-a41b-ce101e0a1a51 directory. To sign into this application, the account must be added to the directory
Hello, I am writing concerning an issue that I am experiencing, specifically with Federated domains where the entity provider is Google Workspace and the service provider is MS 365 A1. Even though from Google I reauthorise automatic provisioning for…
Problem with AD Connect
I inherited a system that had been federated to Azure using ADConnect v1, then they deleted the server and connected loaded ADConnect v2 and synced the domain to this. The cert expired and that is when I learned they did not use Federated domain to load…
Bypass HDR at ADFS for case Azure B2C as SAML Identity Provider
I have set this up per this article https://video2.skills-academy.com/en-us/azure/active-directory-b2c/identity-provider-adfs-saml?tabs=windows&pivots=b2c-custom-policy It is working, but now I need to federate with another partner. Added this partner to Claims…
Does changing the email field on the on-prem field cause Legacy DN Value?
Hello, We have a hybrid environment with on-premises AD syncing to their Azure AD. We converted an on-prem user profile to External ID in Azure AD. As a result, sending party is receiving an NDR whenever they try to send an e-mail to this converted…
About IE GPO policy
In Computer Policy GPO Management Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Intranet Zone, items within "Allow websites to prompt for information using scripted windows" - Prompt for information using…
SingleLogout privatekey and certificate
I am using Spring Security https://docs.spring.io/spring-security/reference/5.7/servlet/saml2/logout.html for implementing SAML single logout. I got my single logout flow to work by providing a dummy set of private and public key since it requires me to…
"The certificate doesn't have a private key error" in adfs diagnostic analyzer after updating adfs certificate.
I updated our ADFS Service Communications Certificate today. Everything seems fine and I'm seeing successful authentications, however when I run Microsoft's ADFS "Diagnostics Analyzer" I'm seeing a new error that states, "The certificate…
Need the Endpoints to trigger the OTP and Verify the OTP via CUSTOM CODE
Hi, We are trying to integrate the passwordless authentication mechanism in our current system. I have created the User Flow and have tested it as well, which seems to be working fine. As of the next step, what I am trying to achieve is get the…
About Exchange Online schema extension
I have extended the Exchange Online schema in the AD environment. The setup was completed without any error. Now my next step will be AADC synchronization, but the problem is, although I have extended the Exchange schema without any error, I don't know whether it will…
Azure MFA to On-premises applications without ADFS and AzADAppProxy
Hi. I need to know what options I have to force my internal apps to request Azure MFA when my clients access internally (or externally, published in the firewall). I don't want my on-premises apps to need to go via application proxy via Azure,…
How can a service account in active directory sign in to azure with adfs?
Hi, How can a service account in active directory sign in to azure with ADFS? It seems like when using ADFS, the domain user has to enter his credentials to a login page. What should a service account do in the same case (as it is not an interactive…
Delegated permission to access Entra ID page?
As per this security article, I have ensured that Restrict access to the Azure AD administration portal is set to Yes. What is the custom Azure AD / Entra ID role I must create that allows the user access to the access below page as read-only: …
About Exchange schema extension in AD
The mailNickname attribute is absent in my AD, which I need for AADC sync, so I installed Exchange Server 2019 in AD and ran the setup command, which is continuously giving me an error. First of all I want to ask, is my method correct? Or can we extend the Exchange schema…