Backtrack:  
Blog
 
showing posts tagged with 'adfs'
 
Testing an ADFS implementation
edited by on October 19th 2017, at 12:00

You can easily verify whether an ADFS implementation is working by using a browser and trying to log on:

https://adfs.yourdomain.com/adfs/ls/IdpInitiatedSignon.aspx

Replace adfs.yourdomain.com accordingly.

Note that in 2016, this no longer works unless you re-enable this feature through Powershell:

Set-AdfsProperties -EnableIdpInitiatedSignonPage $true
 
Renew certificates on ADFS 3.0 (2012 R2)
edited by on August 24th 2015, at 16:20
Occasionally (usually once a year), you may have to renew your SSL certificate of your Active Directory Federation Services server, used for your Office 365 Single Sign-On setup. In past versions, this was done quite easily through IIS. However, since 2012 R2 (a.k.a. ADFS 3.0), ADFS no longer uses IIS and it gets a little bit more complicated.

Outlined in this short article are the steps you need to do in order to renew or replace your SSL certificate on a Windows 2012 R2 server, running ADFS 3.0.

First, renew or request a new SSL certificate through your Certificate Authority (such as GoDaddy, Enom, etc.). How to do this depends greatly on the CA. As ADFS on 2012 R2 no longer uses IIS, yo  ...
 
Certificate renewal using the same private key (e.g. GoDaddy)
edited by on August 24th 2015, at 16:09
Certain Certificate Authority providers, such as GoDaddy allow you to renew an SSL certificate using the same CSR and private key. This greatly simplifies the procedure to renew a certificate, but this can also complicate things if you don't have your private key readily available.

On a server running ADFS 3.0 for instance, you do not have IIS available to allow an easy SSL certificate renewal (or even a request). Or perhaps, you lost the current private key, or it is located somewhere where it's not easily accessible.

Luckily, there's a fairly easy way to extract the private key from the previous SSL certificate on your Windows server. By using the Windows Certificate store functionality   ...
 
Azure AD Connect replaces DirSync
edited by on June 26th 2015, at 14:50

Microsoft has released the Azure Active Directory Connect to the general public. Azure AD Connect replaces (although "incorporates" is a better word) DirSync as the new tool to set up synchronization between your on-premise Active Directory and Azure Active Directory, including Office 365.

The current version of Azure AD Connect is only the beginning. Microsoft has announced a lot more features, which will be made available in the next versions.

More information and installation resources: https://azure.microsoft.com/nl-nl/documentation/articles/active-directory-aadconnect/

 
Outlook + Office 365 + Single Sign On (SSO) = not working
edited by on March 24th 2015, at 12:12

As you probably already have noticed, does Outlook prompt for credentials when configuring Outlook for use with a federated Office 365 account, regardless of whether you've set up your intranet zoning for your ADFS server in Internet Explorer options.

Apparently, this is unresolveable as Outlook (2013 and earlier) simply does not support SSO. It is currently unknown whether a subsequent version of Outlook will have this feature.

Source: https://support.microsoft.com/kb/2535227

Oddly enough, Lync does support SSO.

 
ADFS 3.0 (2012 R2) hangs on startup
edited by on August 25th 2014, at 12:30
When running ADFS 3.0 On a Windows 2012 R2 domain controller, on a reboot, the Active Directory Federation Services service may not start up properly, and may not subsequently not service requests. The Services management snap-in shows the service with a status of Starting.

The reason for this is an error during the deployment of ADFS where a dependent service, the Microsoft Key Distribution Service, is not set to start automatically, causing ADFS not to start up properly until that particular service is also started.

The solution is quite simple: in the Services management snap-in, find the service called Microsoft Key Distribution Service, and set its startup type to Automatic.

After th  ...
 
 
showing posts tagged with 'adfs'
 
 
« April 2024»
SunMonTueWedThuFriSat
 123456
78910111213
14151617181920
21222324252627
282930    
 
Links
 
Quote
« Crude, but effective... »
Seven Of Nine