1,209 questions with Active Directory Federation Services tags
New User not syncing from On Premise AD to Office O365
Our organization uses a hybrid cloud model. Just as it says in the title. I have a new user starting, I created the account in AD then synced to Office 365, but the user does not show up at all. There are no errors noted but I did see them listed at…
ADFS login failing for a specific user in .Net 4.5
I have an MVC application utilizing ADFS authentication. Authentication for a specific user has been failing over the past few weeks. The SAML response status is 200, indicating successful authentication from the server. Upon inspecting the SAML response…
SSO for IIS web server in Azure over Application Proxy
Hello, in Azure there is a VM on which an IIS server with Windows Authentication (NTLM) authentication is installed. This server has membership in an on-prem domain, which is also a VM in Azure. Azure has an Application Proxy configured to publish to…
OWA ADFS connection
Hello, I have a problem related to OWA. I receive a SAML request from the keycloak, which is my IDP for ADFS. ADFS later sends a WS-Federation request to OWA. The page is redirected to the endpoint…
ManagedIdentityApplication.AcquireTokenForManagedIdentity("api://AzureADTokenExchange") giving error in local machine.
Hi, I am implementing the "Federated Identity Credential" along with User Managed identity in .net core 3.1 web api. Getting the error code: "managed_identity_unreachable_network" with error message "A socket operation was…
Getting Error in Saingle application (Darwinbox) 401 unauthorized access
Hi Team, We are getting an error in the Darwinbox application when a user clicks on the site. It's working on SSO, and when we check the Attribute editor in that proxy it's showing an incorrect email address. Can we have any resolution on this?
When attempting to modify files within the Netlogon folder in Active Directory, I've encountered instances where files are in use and cannot be changed
Dear Experts, I'm seeking assistance with aspects of Active Directory (AD) management and troubleshooting. Specifically, I am encountering an error that the files are in use and cannot be changed in the Netlogon folder. When attempting to modify files…
Joining new AD FS Windows Server 2019 to the old AD FS 2012 R2 farm - SPN/SOAP issues
Hello, I work with an environment where I have a really old setup. I tried to perform the not recommended in-place upgrade; it succeeded on a few common machines but it's different with AD DC... Due to complications I decided to create a new DC and migrate over time…
Joining new AD FS Windows Server 2019 to the old AD FS 2016 farm - SPN/SOAP issues
Hi, I am getting an issue when I am trying to add a new ADFS server to the ADFS farm; below is the issue I am getting. Please help. SOAP security negotiation with 'serverName/adfs/services/policystoretransfer' for target…
ADFS - [Windows Hello - Certificate Provisioning Service]
Hello, I would like to configure ACL in ADFS to not keep anything in "Permit Everyone" but there is one App with name "Windows Hello - Certificate Provisioning Service" that I can't remove or even find. Could someone please describe…
How to disable Teams from using logged in user's credentials for ADFS
Hi, Currently we have two separate domains and would like the users on domain2 to be able to log into a Teams account on another domain1. We have the user enter the credentials for domain1 but when we have them attempt this they get the…
SSO for Grafana with AzureAD Authentication Using Client Certificates Instead ClientID/ClientSecret
I'm trying to set up Grafana with SSO authentication. I have all the relevant endpoints to configure SSO and tested it successfully, but recently I was asked not to use Client_ID/Client_Secret as shown below due to some security…
SAML Query to Active Directory - LDAP performance Challenges
In my environment, user authentication to a critical application is happening through an ADFS SAML query. The SAML query in turn queries AD. Now we are getting auth failures in the application due to slow response from AD, as mentioned by the application team.…
DNS Zone Locks and Propagation Delay in Active Directory
Dear Experts, I'm seeking assistance with aspects of Active Directory (AD) management and troubleshooting. Specifically, I am encountering a DNS zone lock and propagation delay issue within the Active Directory environment. When I am trying to make changes…
Assistance Needed: Checking DNS Propagation Delay, Zone Locks, and File Locks in Active Directory
Dear Experts, I'm seeking assistance with a few aspects of Active Directory management and troubleshooting. Specifically, I need guidance on how to check and address the following issues and best practice: DNS Propagation Delay: I'm looking to…
ADFS Authentication Issue in .Net 8
I have an existing ASP.NET MVC application that relies on ADFS authentication. I'm currently upgrading it to .NET 8. As part of the upgrade process, I prioritized implementing the authentication functionality first. However, I'm encountering an issue…
Automatic Sign On with Windows credentials in ADFS for Domain joined computers
Dear All, In our organization we activated an AD FS server (Windows Server 2022) and we have a SAML 2.0 Service Provider authenticating with it. Every time we open Edge for the first time in the day and try to access this service provider, it redirects…
Sharepoint 2019 on prem with Office Online Server and ADFS, connection was reset for some domains
Hi, Environment: Air gapped system with connection to few domains; Sharepoint 2019 Enterprise on prem with ADFS (no NTLM auth); LDAPCP plugin; MS Office 2016; Office Online Server 2016 published through WAP with passthrough settings; ADFS (LAN)…
What are the benefits of the existing single forest AD Domain to convert or upgrade the AD Domain Controllers from FRS to DFSR?
What are the benefits of the existing single forest AD Domain to convert or upgrade the AD Domain Controllers from FRS to DFSR? https://learn.microsoft.com/en-us/windows-server/storage/dfs-replication/migrate-sysvol-to-dfsr FFL & DFL: Windows Server…
Future cloud id log on may minimise codes and authentication times
After 20 plus years of fighting to keep up with the software hardware revolution I am pragmatic about the softening and less mentally draining functionality we are beginning to see with AI development, cloud services, faster speeds, internet expansion,…