1,219 questions with Active Directory Federation Services tags
Creating 2nd ADFS farm in the same domain to be used for dev
We currently have an AD FS 2012 farm set up that is working fine. We would like to set up a new AD FS 2016 Farm. Can we have two separate ADFS farms in the same Active Directory domain? Would it cause any issues? Should the second farm use different…
What are the configurations required to federate ADFS and Shibboleth IdP?
Our IdP is Shibboleth, Devices are AD joined and Hybrid AAD Joined through AzureADSync, but Intune enrolment of the HybridEntraID Joined devices failed because Shibboleth doesn't support WS-Trust protocol. Now the solution is to implement an ADFS and…
Active directory integrated auth with hybrid environment not working
We have two domains. A .local domain and a .com domain. The environment is hybrid with PHS set up with AD sync. When I go into my entra ID portal, my users are showing as the .com domain which is expected. The on premises area shows synced to the .local…
How to call Graph API after logging in with AWS Cognito hosted UI
Hi, Our react application authenticates through SAML based federated Azure AD identity provider for AWS Cognito. So the application received Cognito ID and access tokens after login. I have a need to display the profile picture of the logged in user, for…
How to migrate users from on-prem environment to another on-prem environment?
Hello, I want to know how to migrate users from one on-prem environment to another on-prem environment? As in our scenarios we want to migrate lots of users from one on-prem environment to another on-prem environment. So can you please suggest and help…
How can I send all groups that a user is member of in the SAML assertion?
Hi guys, The SP provider sending the request to AWS that forward to ADFS - Microsoft ADFS responds with all information NameIP, UPN, everything and is working. However, I am finding an issue to send groups of the USER is a member of. The groups are…
How to update ADFS server SSL certificate?
As shown in the link https://video2.skills-academy.com/en-us/troubleshoot/windows-server/identity/change-ad-fs-2-dot-0-service-communications I have followed steps 1, 2, and 4 to update the SSL certificate on the ADFS server, but I am unable to complete step 3…
How to remove duplicate SPN, ADFS after migration
I can’t figure out where the same SPNs are. And what needs to be removed. And how to remove it. The problem is this. After migrating the ADFS server (converting a virtual machine from hyperv to vmware), the Active Directory Federation Service stopped…
Azure AD signing option and certificate are greyed out. Is this an authorization issue?
Hello, I'm trying to set up SSO for an Application in Azure. I create a new enterprise application. When I try to download metadata under SAML, the link for "Federation Metadata XML" is greyed-out. Why can't I download this? Many thanks
Bi-directional trust in multi-forest and separation of a domain as two separate company
Hi, I have an environment where there is a domain which needs to be separated into 2 tenants. Currently the domains have been the same and there is a single azure tenant. Now, this needs to be separated into two, and there is bi-directional trust in…
Automatic Redirection after Password Change with ADFS
Hello I am looking for a way to have the update password page automatically redirect back to the login URL with ADFS, when the password change is completed by the end user or when the user is disabled. Is there a way to do this?
AD CS Web Enrollment: Invalid pointer 0x80004003 (-2147467261 E_POINTER)
I have a Windows 2019 server set up as a CA in my environment. It's tied to my DC. I have IIS installed and certificate web enrollment is in use. I can browse to my https://CA/certsrv no problem. The website's certificate is valid and trusted. I can log…
How to fix the SAML Error Request not signed. Policy requires signed authentication requests
I followed the steps in this guide: https://video2.skills-academy.com/en-us/azure/active-directory-b2c/saml-service-provider?tabs=windows&pivots=b2c-custom-policy. However, on the last step, when trying to test my SAML setup with the provided Test App,…
Domain trust between two different domains with same alias name
There are two domains, domaina.local and domainb.local, but the domain alias name for both domains is testabc. Now I wanted to create a trust between these two domains. Need your valuable suggestion whether this is feasible or not.
How to capture all users actions in WAP and ADFS
Hello, We use Web Application Proxy with AD FS to authenticate users and give them access to our internal Report Server site. Everything works fine, but our IT Security department wants to have logs about all users' requests to internal site through WAP…
How to backup and restore Windows Active Directory Sites and Services and DNS
The backup software I use only backs up objects in the NTDS database. I understand that DNS and Sites and Services are not part of or in the NTDS database. What is the recommended way to backup Sites and Services and DNS? Please provide utility name and…
B2C, sign-in only user flow, gives AADB2C99002: User does not exist. Please sign up before you can sign in.
I have a web app and am using B2C with PingOne identity provider in "sign in only" user flow with no local users set up, with application claims as: display name, email, given name, identity provider and identity provider access token,…
Locked myself out of Entra ID domain, cannot remove Federation (Google as IdP)
Hi! In the process of trying to set up Google as IdP and Azure as SP, I ended up breaking something and now no one from the domain can login ;(. When trying to login to MS services, users enter their username, but are then greeted with "Choose a way…
Federated domain
Hi, We have a few custom domain names in Azure, but only one is Federated. How can we make another domain Federated?
Issues with Active Directory Federation Services (ADFS)
Hi, My Name is Shanaya, and I work for Petromet Sealings as an Asbestos Gland Packing Manufacturer in India. While setting up ADFS for our company's single sign-on procedure, I ran across a few authentication problems. Although everything appears to be…