ADMIN0017: An exception occurred while connecting to the policy store...
Hi, I had successfully deployed 4 Geneva Beta 2 Labs on my organization and partners. This error happened after a couple of weeks of normal operations and ONLY on x64 systems. Symptom: If you try to...
How to keep ADFS 2.0 session cookie valid after browser is restarted?
Hi! I have a test installation of 2 ADFS 2.0 servers (one as RP and another as IdP). ADFS RP is protecting a claims-aware app from WIF Samples pack. Currently I have all default settings for token...
Salesforce integration with ADFS 2.0 using SAML 2.0
Hi All, I want to integrate Salesforce with ADFS 2.0 using SAML 2.0. Can anybody send me some reference link, URL, PDF, etc. where I can understand the configuration required to do so. Thanks in advance
ADFS v2 service account is exposed to the internet
Hello, The ADFS v2 service account is exposed to the internet via the endpoint /adfs/services/trust/mex. Apparently MS is not admitting that exposing the service account poses a security concern. (you can...
Bypass Select Site screen in ADFS
We have an ADFS setup that is purely used to allow internal users access to a couple of external resources (We don't use it to allow external people in). Now currently to access the resources the user...
SharePoint and CBA
Hi, We are trying to set up an SPS 2013-ADFS architecture with an external IP-STS. The claim that is returned from the IP-STS only contains two numbers (companyID and siteNr). I want to authorize some of...
Expanding AD FS 2.0 Farm After Applying Update Rollup #3?
My organization has an ADFS 2.0 farm that consists of a single, Primary Federation server. We plan to update the server to ADFS 2.0 Update Rollup 3 in the imminent future for an internal project. Due...
ADFS + Claim rule language + String functions
Hi, I am not able to add the logic for the below criteria, can anyone please help me out. 1. Get the memberOf attribute from AD and need to traverse the list to see if the user is a memberOf specified Groups...
Web.config transforms for system.identityModel
I am trying to create custom configuration for all of my environments using Transforms, but I can't seem to get it to work with the following from the audienceUris and wsFederation. This is putting me...
Making requests using WebClient and security tokens
Hi all, I was wondering if it is at all possible to use the WebClient (or a similar approach) to make requests to a resource protected by WIF (.aspx page, web service, etc)? Using the WebClient, I'm...
Custom STS and CRM 2011 Dynamics issue
Hello, I have 2 applications, a WCF service that authenticates with CRM instance (On Premises Installation), which itself is configured for claims based authentication against a custom STS. The STS...
Claims not passed through ADFS to the relying party
Hello, I have an ASP.NET Web application using WIF for authentication deployed in Azure. I also have an ADFS deployed in Azure. The application is configured with ADFS as the identity provider. The...
ADFS 2.0 SQL DB failover - how does it work?
I have configured an ADFS 2.0 farm with three web servers, two in the main site and one in our DR site. I will be using an f5 to do network load balancing across the three web servers, and for the...
how to set *default* bulk-encryption algorithm in WIF (for encrypting tokens)
an RST parameter can indicate which bulk-encryption algorithm a WIF-based STS is to use, when creating an encryptedDataToken (within which is a SAML assertion, say, with possibly wrapped proof...
WIF 4.5 encryption cert question (optional vs mandatory token encryption)
When you specify an encryption cert in web.config, does WIF require that all incoming tokens are encrypted with this cert or does it just specify that if a token comes in encrypted, this is the cert...
Unable to Load database in ADFS 2.0 After Transfer the Primary role on...
I was using two ADFS 2.0 servers (Primary and Secondary) with WID (Windows Internal Database). The Primary ADFS Server crashed, so I transferred the Primary role to my Secondary ADFS Server. This server...
database is not load in ADFS 2.0 After Transfer the Primary role on Secondary...
I was using two ADFS 2.0 servers (Primary and Secondary) with WID (Windows Internal Database). The Primary ADFS Server crashed, so I transferred the Primary role to my Secondary ADFS Server. This server...
ADFS - Send Saml Assertion AttributeValue with Namespace
Hi, I want to transform an incoming claim to the following: <saml2:AttributeStatement> <saml2:Attribute Name="transformedId"...
WIF STS Renew implementation
Hi guys, I wonder if there is any example of the STS Renew method. I want to be able to renew SAML tokens but I cannot find any reference on how to implement it.
What is the danger in turning off EncryptClaims for a certain relying party...
I know you can turn EncryptClaims to false by issuing the PowerShell command below:
    Set-ADFSRelyingPartyTrust -TargetName "target" -EncryptClaims $False
My question is: what is the danger of doing this?...