1,201 questions with Active Directory Federation Services tags
SSO for Grafana with AzureAD Authentication Using Client Certificates Instead of ClientID/ClientSecret
I'm trying to set up Grafana with SSO authentication. I have all the relevant endpoints to configure SSO and tested it successfully, but recently I was asked not to use Client_ID/Client_Secret as shown below due to some security…
ManagedIdentityApplication.AcquireTokenForManagedIdentity("api://AzureADTokenExchange") giving error in local machine.
Hi, I am implementing the "Federated Identity Credential" along with User Managed identity in .net core 3.1 web api. Getting the error code: "managed_identity_unreachable_network" with error message "A socket operation was…
ADFS Authentication Issue in .Net 8
I have an existing ASP.NET MVC application that relies on ADFS authentication. I'm currently upgrading it to .NET 8. As part of the upgrade process, I prioritized implementing the authentication functionality first. However, I'm encountering an issue…
Assistance Needed: Checking DNS Propagation Delay, Zone Locks, and File Locks in Active Directory
Dear Expertise, I'm seeking assistance with a few aspects of Active Directory management and troubleshooting. Specifically, I need guidance on how to check and address the following issues and best practice: DNS Propagation Delay: I'm looking to…
ADFS login failing for a specific user in .Net 4.5
I have an MVC application utilizing ADFS authentication. Authentication for a specific user has been failing over the past few weeks. The SAML response status is 200, indicating successful authentication from the server. Upon inspecting the SAML response…
Automatic Sign On with Windows credentials in ADFS for Domain joined computers
Dear All, In our organization we activated an AD FS server (Windows Server 2022) and we have a SAML 2.0 Service Provider authenticating with it. Every time we open Edge for the first time in the day and try to access this service provider, it redirects…
Sharepoint 2019 on prem with Office Online Server and ADFS, connection was reset for some domains
Hi, Environment: Air gapped system with connection to few domains; Sharepoint 2019 Enterprise on prem with ADFS (no NTLM auth); LDAPCP plugin; MS Office 2016; Office Online Server 2016 published through WAP with passthrough settings; ADFS (LAN)…
What are the benefits of the existing single forest AD Domain to convert or upgrade the AD Domain Controllers from FRS to DFSR?
What are the benefits of the existing single forest AD Domain to convert or upgrade the AD Domain Controllers from FRS to DFSR? https://learn.microsoft.com/en-us/windows-server/storage/dfs-replication/migrate-sysvol-to-dfsr FFL & DFL: Windows Server…
Future cloud id log on may minimise codes and authentication times
After 20 plus years of fighting to keep up with the software hardware revolution I am pragmatic about the softening and less mentally draining functionality we are beginning to see with AI development, cloud services, faster speeds, internet expansion,…
ADFS service start failure
Dear Experts, We are not able to restart the ADFS service after activating a new SSL certificate with the "Set-AdfsSslCertificate -Thumbprint 'XXXXXXXXXXXACF1D94XXXXXXXXXXXXXXXXX'" command. Below is the error we receive: on…
Slow LDAP Query Response. AD LDAP Performance Tuning Analysis
In our environment we are getting application authentication failures through ADFS-SAML. While ADFS is doing an LDAP query from AD, AD is responding slowly to ADFS with query output data, which is causing either a delay in authentication or failure (time-out). Here…
Create custom CloudAP plugin to authenticate to a Windows machine which is Entra joined?
My domain is federated with a custom in-house IDP, and when the user tries to log in to the Entra joined machine as IDP, CloudAP authenticates the user, right? Is it possible to create a custom CloudAP plugin so after the user enters the password our IDP can enforce…
Unable to access Azure AD SAML mobile app on Android 8.0 mobile device
We have an Azure AD enterprise app which supports SAML protocol for authentication. The app is working fine when accessed from the system's browser, mobile device browser or when installed on a personal Android/iOS device. However, when the same app is…
Unable to verify token signature. The signing key identifier does not match any valid registered keys.
Getting the below error for all new starters, and if we change the password on an old user they are not able to log in to O365. Sign-in error code 5000811 Failure reason Unable to verify token signature. The signing key identifier does not…
Cannot enable Staged Rollout from Federation to PTA
We are currently federated to Entra ID with ADFS on premises. We are attempting to run the staged rollout feature with PTA and seamless sign on. Following this article: …
ADFS 4.0 2016 - can't view/browse "..federationserverservice.asmx" locally and externally
After a fresh installation of ADFS on Server 2016 I am not able to open the following URL locally on the ADFS Server: https://<ADFS-FQDN>/adfs/fs/federationserverservice.asmx IE -> This page can’t be displayed Chrome -> This site can’t…
Remove last Exchange server from hybrid environment
Hi, We are a company of 10K mailboxes, and now we have moved our mailboxes to Office 365; there are no mailboxes in on-prem Exchange. It is just being used for Hybrid configuration and SMTP relay. Now we are planning to remove the last server from our…
Windows Hello for Business on-premises deployment error event
I am trying to deploy the on-prem HfB. We are running at domain function level of 2012R2. The single AD FS server runs 2019. I followed the Microsoft guide exactly. But when I start my domain PC, the enroll process never happens. Here is the event 1021 message…
Issue connecting Azure Windows Server VM to Blob Storage File Share
I am having trouble connecting my Azure Windows Server VM to a Blob Storage File Share, where 25 users have been assigned permission. I have been troubleshooting this issue for the past 5 days and cannot seem to resolve it. Can anyone help me with this…
Password hash synchronization is not working
I am switching from ADFS authentication to Password Hash Synchronization. I have enabled PHS successfully on AAD Connect sync and it was successful. I have changed the authentication method to PHS. However, when I tried to log in to the M365 portal, I get…