1,173 questions with Active Directory Federation Services tags

0 answers

How to migrate a Relying Party Trust in ADFS for Office 365 (EntraID) to a new Forest

We need to migrate ADFS (>5 years old) from an old AD forest to the new Forest. We use ADFS, among other things, for SSO with custom domains for EntraID. For federation and creating the relying party with EntraID (Office 365 / Microsoft 365) I used to…

Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
3,526 questions
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,380 questions
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,198 questions
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,173 questions
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,948 questions
asked 2024-03-14T15:29:21.0033333+00:00
Michael Zahneißen 0 Reputation points
commented 2024-03-18T15:37:52.6066667+00:00
Givary-MSFT 26,366 Reputation points Microsoft Employee
0 answers

Why does an Entra joined machine need the certificatemixed endpoint in ADFS?

According to this https://learn.microsoft.com/en-us/entra/identity/devices/device-join-plan#federated-environment, in ADFS the certificatemixed endpoint needs to be enabled. An Entra joined machine does not have MFA during machine login and it uses only user…

Active Directory Federation Services
Microsoft Entra ID
asked 2024-02-19T13:05:57.9433333+00:00
AJ 20 Reputation points
edited the question 2024-03-18T10:15:54.18+00:00
AJ 20 Reputation points
1 answer

Can we migrate unregistered Active Directory domains (.local) to Azure Entra ID?

I want to migrate a .local domain which is not registered to Azure Entra ID

Active Directory
A set of directory-based technologies included in Windows Server.
5,665 questions
Active Directory Federation Services
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software. Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
1,825 questions
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,598 questions
Microsoft Entra ID
asked 2024-03-18T09:02:16.1433333+00:00
Harsha Parasa 0 Reputation points
edited an answer 2024-03-18T09:31:12.54+00:00
Givary-MSFT 26,366 Reputation points Microsoft Employee
3 answers

Federation Service Error with Security Event 4625

I got a new ADFS service in Domain A and it serves forest trusted Domain B. The federation service gets hung frequently for Domain B only; the user logon process will roll back to the login page without any error message. Meanwhile, the federation service to…

Active Directory Federation Services
asked 2022-11-18T05:29:27.193+00:00
斌 陈 1 Reputation point
answered 2024-03-14T08:58:29.46+00:00
Thomas Gabel 0 Reputation points
1 answer

AD FS Tracing/Debug Event 153 - None of the UPNs were successful for S4U Logon call

While trying to log in on the ADFS login page, the page gets refreshed and asks for login again (ADFS login loop). When I checked the event log in AD FS Tracing/Debug, I am getting event 153 with the message "None of the UPNs were successful for S4U Logon…

Windows Server 2012
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,518 questions
Active Directory Federation Services
asked 2023-01-11T14:34:32.6466667+00:00
Vaman D 5 Reputation points
answered 2024-03-12T09:35:45.7633333+00:00
James, Jonathan 0 Reputation points
2 answers

Unable to verify token signature. The signing key identifier does not match any valid registered keys.

Getting the below error for all new starters, and if we change the password on an old user they are not able to log in on O365. Sign-in error code 5000811. Failure reason: Unable to verify token signature. The signing key identifier does not…

Active Directory Federation Services
asked 2022-08-29T13:45:22.03+00:00
Naeem Chougle 1 Reputation point
answered 2024-03-11T10:39:40.2366667+00:00
Jordan Pressman 0 Reputation points
1 answer

Do I need a verified domain to federate applications in Entra ID?

I'm trying to integrate an application with my tenant via SAML. It's one of the applications listed in Entra ID's application gallery. One of the steps required in the tutorial is to verify a domain in the application. As I'm not the owner of the…

Active Directory Federation Services
Microsoft Entra ID
asked 2024-03-02T02:47:20.6533333+00:00
Pedro Ignácio 1 Reputation point
commented 2024-03-08T03:15:24.5266667+00:00
Givary-MSFT 26,366 Reputation points Microsoft Employee
1 answer

How to Bulk Update Users Employee ID from an Excel File on Active Directory using PowerShell

Hi, does anyone know how to use a script to add employee ID in Active Directory Server using Windows PowerShell? Please help me!!! Thanks

Windows Server 2019
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
11,864 questions
Active Directory
Active Directory Federation Services
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications. PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,306 questions
asked 2024-03-06T04:45:05.8133333+00:00
Jnarthan Govindasamy 5 Reputation points
answered 2024-03-06T16:23:13.1766667+00:00
Rich Matheisen 44,331 Reputation points
1 answer

How to deal with Expired Inactive Certificate?

We are using Azure AD for SSO with AWS. We have multiple Enterprise applications showing the status as "Expires soon", "Expired Inactive Certificate" or "Expired". For the "Expired" one, we have selected the new…

Active Directory Federation Services
Microsoft Entra ID
asked 2024-03-05T00:06:15.2266667+00:00
Byron Liu 0 Reputation points
answered 2024-03-05T08:51:53.2733333+00:00
Amit Singh 4,846 Reputation points
1 answer

Non-active directory users need authentication/SSO

Hi - I'm looking for a license type or service provided that satisfies the ability to have non-Active Directory employees (i.e. seasonal or temp employees) logging into an application via SSO. Is there a way to do this so that you do not have a full O365…

Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
634 questions
Active Directory
Active Directory Federation Services
asked 2024-02-27T21:28:27.41+00:00
Olivia Escalle 0 Reputation points
commented 2024-03-04T21:16:49.0433333+00:00
JamesTran-MSFT 36,316 Reputation points Microsoft Employee
1 answer

Custom Login without the Microsoft Login Popup

Hi, our client has a SAP Commerce Cloud (hybris) B2B solution and the login page is currently integrated with another IDP provider. They want to migrate to Azure AD and, using the current login page, want to seamlessly allow the user to log in without the…

Active Directory Federation Services
asked 2024-01-15T11:49:31.4433333+00:00
IR, Sreejith 0 Reputation points
commented 2024-03-04T09:31:48.9466667+00:00
Danstan Onyango 3,726 Reputation points Microsoft Employee
0 answers

Is it possible to bypass the user details prompt for Azure B2C federated login for a first-time user?

When an AD user tries to log in through the federated login user flow into the application and then logs in, they get a user detail prompt page. We want to disable this flow for AD users. Team, can you please help me with this?

Active Directory Federation Services
asked 2024-03-02T20:55:56.8166667+00:00
Chandan Singh 0 Reputation points
0 answers

Please help us customize adfs\ls endpoint in ADFS 5.0

Good day! Currently we are using ADFS 2.0, which has a site hosted at adfs\ls in the same federation service. We customized the adfs\ls site and added a few of our own components. We are in the process of migrating from ADFS 2.0 to ADFS 5.0 and the same…

Active Directory Federation Services
asked 2024-02-28T14:59:33.6166667+00:00
Naga Vamsi Katari 0 Reputation points
0 answers

AADSTS51004: The user account it does not exist in the e8c002ec-e5f4-4a8f-a41b-ce101e0a1a51 directory. To sign into this application, the account must be added to the directory

Hello, I am writing concerning an issue that I am experiencing, specifically with Federated domains where the entity provider is Google Workspace and the service provider is MS 365 A1. Even though from Google I reauthorise automatic provisioning for…

Active Directory
Active Directory Federation Services
asked 2024-02-25T17:10:40.23+00:00
preside presidenza 0 Reputation points
0 answers

Problem with AD Connect

I inherited a system that had been federated to Azure using ADConnect v1, then they deleted the server and connected loaded ADConnect v2 and synced the domain to this. The cert expired and that is when I learned they did not use Federated domain to load…

Active Directory Federation Services
asked 2024-02-21T22:12:36.4966667+00:00
United Telephone Company 0 Reputation points
commented 2024-02-22T19:57:24.05+00:00
JimmySalian-2011 41,641 Reputation points
1 answer One of the answers was accepted by the question author.

Bypass HDR at ADFS for case Azure B2C as SAML Identity Provider

I have set up per this article https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-adfs-saml?tabs=windows&pivots=b2c-custom-policy It is working, but now I need to federate with another partner. Added this partner to Claims…

Active Directory Federation Services
Microsoft Entra External ID
asked 2024-02-19T19:46:28.45+00:00
BlackCat 81 Reputation points
accepted 2024-02-21T22:30:56.6266667+00:00
BlackCat 81 Reputation points
2 answers

Does changing the email field on the on-prem field cause Legacy DN Value?

Hello, we have a hybrid environment with on-premises AD syncing to their Azure AD. We converted an on-prem user profile to External ID in Azure AD. As a result, the sending party is receiving an NDR whenever they try to send an e-mail to this converted…

Microsoft Exchange Online
Active Directory
Active Directory Federation Services
Microsoft Entra External ID
Microsoft Entra ID
asked 2024-01-30T16:46:09.7966667+00:00
muhi-entra 0 Reputation points
commented 2024-02-21T15:35:05.12+00:00
muhi-entra 0 Reputation points
2 answers

About IE GPO policy

In Computer Policy GPO Management Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Intranet Zone Items within Allow websites to prompt for information using scripted windows - Prompt for information using…

Microsoft 365
Active Directory
Active Directory Federation Services
asked 2024-02-16T01:51:39.6733333+00:00
jennyKim 240 Reputation points
commented 2024-02-21T01:52:49.38+00:00
jennyKim 240 Reputation points
1 answer

SingleLogout privatekey and certificate

I am using Spring security https://docs.spring.io/spring-security/reference/5.7/servlet/saml2/logout.html for implementing SAML single logout. I got my single logout flow to work by providing a dummy set of private and public key since it requires me to…

Active Directory Federation Services
Microsoft Entra ID
asked 2024-02-19T21:53:49.3266667+00:00
Lee G 0 Reputation points
commented 2024-02-20T15:50:23.3633333+00:00
Lee G 0 Reputation points
0 answers

"The certificate doesn't have a private key error" in adfs diagnostic analyzer after updating adfs certificate.

I updated our ADFS Service Communications Certificate today. Everything seems fine and I'm seeing successful authentications; however, when I run Microsoft's ADFS "Diagnostics Analyzer" I'm seeing a new error that states, "The certificate…

Active Directory Federation Services
asked 2024-02-20T13:48:04.44+00:00
Raghuvarma Pasupuleti 0 Reputation points