[RESOLVED] .NET 4.5.1 - Custom STS Implementation: Exception: "A...
Hello, I am using .NET Framework 4.5.1 (so no WIF here) to create a custom STS implementation. This is based loosely on the code from this...
Adjusting token lifetimes at the Web Application Proxy for external access
Does the Web Application Proxy or AD FS have any separate controls for adjusting token lifetimes to a different value via WAP than directly at AD FS? I can see there's a session cookie for...
Need custom Claim for ADFS 2.0
Hi All, I need a custom claim for one of my applications wherein I want to send only the alias from the email ID as a claim. This is required to be used for an existing setup, wherein aliases are set up as UIDs. SO...
AD FS Authentication
I have an ADFS 2.1 server live on the internet without a proxy and it has three Relying Party Trusts configured and mostly working. The goal is to provide simple authentication for 3rd party websites...
ADFS 2.0 does not redirect back to 'reply' url on signout
I'm having a problem with ADFS 2.0 not redirecting back to the url in the wreply parameter. I'm using the form login page (authenticationType="urn:oasis:names:tc:SAML:1.0:am:password"), if that...
Enabling logging of extranet lockout events
I've set up extranet lockout in a lab environment and I can see that after five bad logons (my threshold), the BadPwdCount attribute on the AD user object stops incrementing, but if I put my IT support...
Supportability of making NETSH HTTP changes on AD FS and Web Application...
Are there any resources that clearly spell out what changes are (and are not) supported through NETSH HTTP on Windows Server 2012 R2 AD FS and Web Application Proxy servers? Or is there a rule of thumb...
Adfs Authentication
I am having a problem with the ADFS authentication. Let's say my domain is "X" and we have another domain called "Y" that we accept clients from. I want the ADFS to try to use an integrated...
RP-specific AuthnContextClassRef from ADFS to SAML IdP?
Hi All, I have ADFS 2 set up as a passive RP-STS and FP-STS. This is federated with various RPs using SAML and WS-Fed. It has one claims provider trust to a SAML 2 IdP. This IdP is the one that...
What's happened to the Security Configuration Wizard profiles for AD FS 2012 R2?
So you know that Security Configuration Wizard (SCW) in Server Manager that nobody ever uses? I kind of like that thing. It's pretty good, especially for AD FS where it has been a recommended best...
What's the official name of the new version of AD FS in Windows Server 2012 R2?
AD FS 2.2, AD FS R2 or AD FS 3.0. Which is it? Does anyone actually know? http://twitter.com/tristanwatkins http://tristanwatkins.com
When is FillClaimsForEntity Called?
Hi folks. I've implemented a custom SPClaimProvider and, for the time being, implemented some hard coded claims augmentation logic in FillClaimsForEntity. I am currently simply testing with FBA. The...
SPN question.. Host/FQDN or HTTP/FQDN for ADFS
Hi all, I have a question about the SPN for the ADFS service account. Microsoft TechNet advises using HOST/FQDN (they state WS-TRUST will not work when HTTP/ is used for ADFS 2.0, but no documentation...
2012 R2 ADFS WAP proxy problem
I am trying to set up a test ADFS server environment with the goal of using federated Office 365. My test environment has two domain controllers at 2008R2 functional level, 1 server 2008R2 and the...
Android 4.3 (Samsung Galaxy Note) does not connect Lync to O365 via ADFS 3.0
Customer cannot connect Lync to O365 via ADFS 3.0 on Samsung Galaxy Note 4.3 (Jelly Bean). We can connect to a non-ADFS account. We can connect iPhone to an ADFS account. Is there a setting on the...
SQL ADFS 2.0 Claim Connection and Query
Hello, I have been trying to set up a custom claim with a SQL Attribute store. I've followed numerous posts about how exactly to do this and I think I have everything set up correctly, however I am...
Is my existing ADFS a standalone or a single server farm topology?
Hello, I do have ADFS configured for 365 service, working properly (configured in the past by an ex-employee). I am planning to add redundancy to ADFS, how can I verify if my existing setup is a standalone...
Dynamic Access Control / Device claims - how can I get Device Claims passed...
I'm using an ADFS 2.1 (2012 R2) server to pass AD DS Claims (computed from a Kerberos Compound auth ticket - e.g. it has device claims inside of the presented user token) to an RP, as described...
ADFS3: Change service account
Is an updated version of this script: http://gallery.technet.microsoft.com/scriptcenter/Active-Directory-381aa93c going to be coming out for Windows Server 2012r2? We would like to change the service...
ADFS farm - single farm vs multiple farms
I was looking to configure a single ADFS farm with 3 servers located in different parts of the world allowing authentication to Office 365. Our datacentre management tool (Akamai) will be used to...