Extract Manager email address
I follow the article in Technet to query user's Manager DN and then extract Manager's email address,http://technet.microsoft.com/en-us/library/ff678048(v=ws.10).aspxBut i got error in ADFS event...
View ArticleSingle Sign ON in Office365
HI, i am planning to implement SSO with Office365, i am not clear about the requirements to achieve this.Existing Environment - Local DC (Win2003 R2 - local domain name- branchoffice.org01).Office 365...
View ArticleUPN Domain is not listing in DNS
I have added the UPN suffix domain in Active Directory Trust and Services, Where i able to assign upn suffix domain for users. (Example - local AD domain - team, upn suffix domain added is- testteam)....
View ArticleWIF 3.5 production of wsx:metadataReferences on STS descriptors. How to?
When creating a stream of metadata about an STSendpoing, its easy to formulate the address component of the reference. There is lots of sample code on that.But how does one - in WIF 3.5...
View ArticleADFS Failover options
Hi,I have two sites one in Europe and one in USA with 20Mb link. I am looking to support ADFS SSO for < 500 users.I was thinking of deploying an ADFS Sever in Europe and a secondary ADFS Server in...
View Articlewctx parameter
For V1 MS came up with a security patch http://www.microsoft.com/technet/security/bulletin/MS09-070.mspx for "Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution...
View ArticleGenerate SignatureValue for CRM 2011 Organization.svc request with ADFS
I am trying to understand how to calculate the SignatureValue of the 'correct' XML below (this is not my xml, it's from a previous post, but I have the same exact issue). Any guidance would be...
View ArticleWIF 3.51 / 4.5 interoperability?
We have a legacy .NET 3.5 asp.net app that uses WIF 3.51. Our other web apps are in .NET / WIF 4.5. However, it is non-trivial to update this one particular web app from 3.51 to .NET 4.5. This...
View ArticleExport Private Key of ADFS Self-signed Token Signing certificate
Hi all,I'm running on the following issue. I'm rebuilding an exact copy of an existing ADFS farm. I've already exported the original ADFS WID Database which I can use at the "new" ADFS farm copy.I also...
View ArticleCustomizing ADFS 2.0 login screen
We are in process of customizing ADFS 2.0 login screen and implementing SSO. Q1. Can we rename the FormsSignIn.aspx to Login.aspx? If yes, what configuration we need to change, to tell ADFS 2.0 that...
View ArticleClaim Rule Syntax for One AD Field and One Non-AD Field
I'm struggling to create a claim that sends a field and value pulled from AD and a second field that is not in AD and which contains a constant value. Different combinations of creating one rule to...
View ArticlePosting SAMLResponse to the SP - ADFS 2.0
I have been searching this forum and was all over the place to get what I want but I could only end up in posts which are only "related" to what I wanted to ask.Here is the scenario that we have trust...
View ArticleCustomer STS IdP-Initiated to ADFS 2.0/WIF Application
Currently have a deployment of ADFS 2.0 with a WIF web application. WIF application is configured in ADFS 2.0 as a Reply Party. Multiple Claim Providers are also configured within ADFS 2.0. For...
View Articlewindowstransport Authentication erroring with "The target principal name is...
I have an application that does active authentication against ADFS using the windowstransport endpoint. This code has and is working perfectly for 90% of our deployments. We have one domain however...
View ArticleError ID4175 and ConfigurationBasedIssuerNameRegistry
I find myself at somewhat of an impass at the moment. I have an ASP.Net 4.0 app as my RP and a Passive STS based on the sample built by FedUtil, all very simple stuff.When I browse to my app I'm...
View ArticleHow to use login service from ADFS in local web app
Hi all,I need to change the login page of ADFS by special login page in my web app, but I can't find out a solution for this. In my pages, both user domain and user database can access, so that If only...
View ArticleADFS 2.1 - MSIS 7042
Hello,I'm having trouble with the MSIS 7042 Error in ADFS. I have a SharePoint 2013 environment set up to trust and accept claims from an ADFS server in the same domain. I also have a test Claims...
View ArticleLoginrpto and singout
I have 2 questions, 1. Can the loginrpto be used with ws-federation and SAML, can the loginrpto url be application end url as well the federation endpoint url?2. Auto singout from federation -- though...
View ArticleHow to change authentication domain controller for office 365
Hello,As per Neo Yu suggestion I am posting this thread hearWe are using Office 365 exchange online (p1) plan from last 6-8 months.Our setup is like one forest and in that 4 child domain with...
View Article