Exchange 2016: How to exclude Exchange Server themselves from ADFS authentication on OWA and ECP

Joachim 26 Reputation points
2021-03-03T14:11:22.61+00:00

We successfully enabled ADFS authentication for OWA and ECP.
While this is what we want for the clients, we now have the problem that the local ECP of any Exchange server can't be authenticated anymore: https://localhost/ecp/?ExchClientVer=15 or https://servername/ecp/?ExchClientVer=15

This leads to an ADFS error page because the cert is not valid.

We have to fall back to https://owa.ist.ac.at/ecp/?ExchClientVer=15

The problem with this is, for some tasks I need to know on which server I work. For instance, to check if our OWA theme still works after a server upgrade.

So I need to make https://localhost/ecp/?ExchClientVer=15 work again locally on the servers. How can I exclude these servers or the admin users from ADFS authentication? I can apply the authentication in ADFS to groups, but now they are applied to everyone and I would love it if I don't have to mess with the groups but somehow could just exclude the servers in a way that does not affect the whole infrastructure.


Accepted answer
Xzsssss 8,861 Reputation points Microsoft Vendor
    2021-03-04T07:39:26.48+00:00

    Hi @Joachim ,

    As Andy said, if you enabled ADFS auth for OWA/ECP, the basic and forms auth are disabled, so you can't log in with your logon name and password.
    I think you can disable this then re-enable the basic/form auth, or you may have to fix the certificate problems.

    Regards,
    Lou




1 additional answer

Andy David - MVP 141.2K Reputation points MVP
    2021-03-03T14:31:23.163+00:00

    There is no way to do that unless you disable ADFS auth on the virtual dirs of those servers.

    Alternatively, set the local hosts file on your workstation for owa.ist.ac.at to a specific server's IP Address and connect that way when you want to verify things.

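Andy's second option, as an added example (not code from either answer): an elevated PowerShell snippet that pins owa.ist.ac.at to one server's address in the workstation's hosts file, verifies the override took effect, and removes it again afterwards. The function names and the 192.0.2.10 address are placeholders; the public name stays in the URL, so the certificate and the ADFS relying party are unaffected.

```powershell
# Added example: pin the public OWA/ECP name to a single Exchange server on the
# admin workstation, as suggested above. Run in an elevated PowerShell.
$HostsPath = "$env:SystemRoot\System32\drivers\etc\hosts"
$Marker    = '# exchange-pin'   # tag so only our entry is found and removed

function Remove-ExchangePin {
    param([Parameter(Mandatory)][string]$Fqdn)
    # Drop only lines carrying both the FQDN and our marker; keep everything else.
    $keep = Get-Content -Path $HostsPath | Where-Object {
        -not ($_ -match [regex]::Escape($Fqdn) -and $_ -match [regex]::Escape($Marker))
    }
    Set-Content -Path $HostsPath -Value $keep -Encoding ASCII
    Clear-DnsClientCache
}

function Set-ExchangePin {
    param(
        [Parameter(Mandatory)][string]$Fqdn,      # e.g. owa.ist.ac.at
        [Parameter(Mandatory)][string]$ServerIp   # placeholder: IP of the server to test
    )
    Remove-ExchangePin -Fqdn $Fqdn                # never leave two entries behind
    Add-Content -Path $HostsPath -Value "$ServerIp`t$Fqdn`t$Marker" -Encoding ASCII
    Clear-DnsClientCache
    # Verify the override is active before browsing to /ecp/?ExchClientVer=15
    $resolved = [System.Net.Dns]::GetHostAddresses($Fqdn) |
                Select-Object -ExpandProperty IPAddressToString
    if ($resolved -notcontains $ServerIp) {
        throw "Override for $Fqdn not active; it resolves to $($resolved -join ', ')"
    }
    Write-Host "https://$Fqdn/ecp/?ExchClientVer=15 now reaches $ServerIp"
}

# Usage (placeholder address):
# Set-ExchangePin -Fqdn 'owa.ist.ac.at' -ServerIp '192.0.2.10'
# ... check the OWA theme on that server ...
# Remove-ExchangePin -Fqdn 'owa.ist.ac.at'
```

Remove the pin as soon as the check is done, otherwise the workstation silently bypasses load balancing for that name.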