Hi all,
Pardon if this is the wrong group to post in, but I have been given conflicting info.
I have a customer who is unable to connect to our web app using ADFS/SSO with IE on his intranet.
It works with Firefox. With IE, if he accesses the web app from outside the LAN, he can present domainname\username and access the app. If he tries from the ADFS server itself within the LAN, SSO will work as expected without prompting or a login screen. No other computer on the LAN can access the app in any way; they receive a 401 error and cannot even present credentials manually.
There is no proxy, all systems are on the same subnet, no firewall involved. Problem persists even if no group IE policies are applied. Servers (other than the ADFS server) have no policies applied and likewise cannot access the application. They have an internal DNS entry that corresponds to the external name for the ADFS server. I can get to the xml metadata document from outside the network no problem, and I can get to it internally.
I am at a loss as to where to look next. Does anyone have any ideas?
Thanks,
Greg