SAML Signout issue (MSIS7055) using an external idp and two relying parties
We have configured ADFS 2.0 to use an external identity provider using SAML. The identity provider requires a signed signout request. We have also configured two relying parties (a SharePoint app and...
In asp.net claim-based authentication claims are removed after app pool recycle?
What we have is a typical REST middle-ware running a claim-based windows authentication. So once the user is logged in we grab his/her data, convert it to Claims and add to the ClaimIdentity. Then...
Multi Forest / Multi AD to one ADFS
Hi everyone, here is the deal: I wanted to know if it's possible to have one ADFS server for multiple domains / multiple forests. I have 480 domains which have nothing to do with our head office network....
ADFS 3.0 - secondary farm server using WID not responding or showing ADFS info.
Hello all, I have a 2012 R2 ADFS server farm consisting of 2 servers using WID. When I added the second server to the existing server, it completed the tasks just fine without any errors and shows in...
ADFS 2.1 localisation issue
I am currently implementing ADFS 2.1 on Windows Server 2012 to connect to SharePoint 2010 and other applications. I'm trying to customize the login page and I need to force the page to always display in...
SSO between two applications attached to similar Active directory
Hi, we have two applications ABC and DEF running using different technologies. Users of both applications reside in the same Active Directory. Now we want to implement SSO between these two applications,...
Cross-domain claims authentication to SharePoint w/ADFS 2.0 and Active Directory
In a nutshell, I'm trying to authenticate to SharePoint 2010 using Claims-Based Auth and ADFS 2.0 with a user in a different domain than SharePoint. I already have it working fully within the...
SsoLifetime ignored when using external IdP?
Have the following setup: RP -> ADFS-RP -> ADFS-IdP. RP timeout is 1 minute, ADFS-RP TokenLifetime 2 minutes, ADFS-RP SsoLifetime 8 hours, ADFS-IdP SsoLifetime 8 hours. 1) Log in to RP at T0 and wait...
ADFS 2.1: issuance authorization rule based on SQL attribute store
On an ADFS 2.1 test installation, I have an SQL attribute store, which I use to issue a claim with a custom rule: c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid"] =>...
Active Directory Federation Services 3.0 won't open
I was directed here from the Server 2012 > Active Directory forums. I am having a problem with ADFS 3.0. I have configured it according to http://goodworkaround.com/node/53 so far, but am not able...
Trouble with ADFS and web application proxy. SSL\TLS on server 2012 R2
Hi. I need any help with this problem. I have 2 server 2012 Datacenter with domain. Installed on 1 ADFS, in another web application proxy. So when I adjust wap on second win server 2012 R2 gives an...
ADFS Oauth2.0 authorization endpoint in win 2012 r2 preview
Hi, I installed ADFS services and configured it successfully as a federation server. I intend to use it for Oauth2 flows as announced recently by Vittorio and Caleb Baker in recent blogs and videos....
ADFS 2.0 FS & ADFS 2.0 Proxy Server Setup
I've looked at links such as: http://pipe2text.com/?page_id=399 I haven't had too many issues; however, I'm trying to install things again, and things aren't working fine. The questions I have are: 1....
Loadbalancing an ADFS 2.2 Farm
Is anyone aware of any documentation on how to set up ADFS on Windows Server 2012 R2 behind a load balancer? I have an existing ADFS 2.0 farm on Windows Server 2008 R2, and am setting up a new ADFS farm...
How to properly setup LB probe for ADFS 3.0 servers
We are facing a problem during ADFS 3.0 (Windows Server 2012 R2), because we do not find a suitable URL for hardware Load Balancer probe to test ADFS nodes. When tried with IE browser, the URL...
VS 2013 - Change Authentication later
In VS 2012, we had the "Identity and Access Tool". This allowed you to change the WIF parameters at any time. In VS 2013, there is the "Change Authentication" option when you create a project. But there...
AD FS Production and Testing
How do you set up a testing ADFS server with a production ADFS server? We are working with a lot of vendors to get federated with their products. They are needing to set up a testing location and a...
WS-Trust and Certificates
I'm trying to add claims-based security on a WCF service, using ADFS. I've successfully done so for a Web Application (Passive federation), but I find myself stuck due to lack of documentation on the...
2012R2 AD FS WAP proxy problem
I am trying to setup a test ADFS server environment with the goal of using federated Office 365. My test environment has two domain controllers at 2008R2 functional level, 1 server 2008R2 and the...
Redirecting to ADFS when RP token expires
I'm using ADFS 2.0 and ASP.NET web application. I have an issue where the user is doing his work and the RP token expires. When the user submits the data, the applications get a new ADFS token. When...