1,268 questions with Active Directory Federation Services tags
ADFS Cookie Handling Issue with SamlSession
I'm experiencing issues with ADFS cookie handling. After creating a Relying Party Trust, everything seemed to work fine initially. However, when calling ADFS repeatedly with the same user, the SamlSession cookie size gradually increases, leading to a 400…
How to keep specific email address open in outlook on multiple windows devices that are used by multiple users, using GPO?
Dears, I need your urgent support. I need to keep specific email address open in outlook on multiple windows devices that are used by multiple users, using group policy in active directory? For example: John and Sara using one device and each of them have an…
ADFS Authentication Failing in Chrome: MSISConext Cookie Issue
We are using ADFS to redirect authentication to our underlying IDP. Previously, we ran our app within an iframe of another app, and it worked fine. However, with Chrome’s recent changes regarding third-party cookies, we are now facing issues. Upon…
An error occurred executing Update ADFS Federated AAD Trust task in Entra Connect
Hello MS Q&A Community, I encountered a strange problem when trying to federate one of our domains with Entra ID in Entra Connect. Our ADFS service is located on a separate Windows 2016 server, has a public name like adfs.domain.com and internal…
Azure AD B2C: Invalid password error when account is created using Userflows and logging in with Custom policies
Hi All, we are trying to use Azure AD B2C for authentication in our web application. The application was initially configured to use "Userflows" and then we had to switch to "Custom policies" because of a blacklisting domain feature…
Windows Hello for Business with ADFS - Certificate - Hybrid Joined - Device Provisioning is failing
User Device Registration Event ID 360 Windows Hello for Business provisioning will not be launched. Device is AAD joined ( AADJ or DJ++ ): Yes User has logged on with AAD credentials: Yes Windows Hello for Business policy is enabled: Yes …
Increase Azure AD password policy and On-premises AD password expiry policy of 90 days to 365 days
We have enabled EnforceCloudPasswordPolicyForPasswordSyncedUsers feature and set almost all users azure policy to 'none' with the exception of a few accounts that are set to DisablePasswordExpiration. The default Azure AD password policy does match our…
How can I make some fields required with social media like X (twitter) or google using Azure b2c custom policies
How can I make some fields required with social media like X (twitter) or google using Azure b2c custom policies? Hello, I have this problem: For example I have <InputClaim ClaimTypeReferenceId="legalCountry" Required="true" />…
MSIS7012 : The same client browser session has made '6' requests in the last '1' seconds. Contact your administrator for details
We have a .Net application which we implemented ADFS WSFED in it. It's working fine in local but when we deployed we are facing this error. For Dev in URL I see Realm is HTTPS but wreply is HTTP. But for local I see Realm is HTTPS but wreply is HTTPS.…
Windows Hello for Business Certificate Trust (on-Prem)
Hi! I have deployed Windows Hello for business environment (Certificate trust, On-Prem), Everything works OK. The domain user logs into the client machine and windows hello for business enrollment starts. However, After getting the PIN from user, windows…
Mailbox type is unable to change from user to office365 in the on-premises exchange portal.
Mailbox type is unable to change from user to office365 in the on-premises exchange portal. The mailbox type in Online Exchange Admin Center is user mailbox. though would like the mailbox type in the on-premises exchange portal to switch from user to…
Users get prompted for MFA and email
Hi, We have corp.local on prem domain and external.org for our emails. Before we flip from Exchange on prem to O365 we would like to get all SSO issues resolved. We currently have two problems. When users open Edge or Chrome browsers on their office…
AD B2C custom policy Get Key="ValidTokenIssuerPrefixes" URI from a rest endpoint
Hi All, I have a <ClaimProvider> in my AD B2C custom policy which allows some tenants to authenticate. Is it possible to get these URIs from a rest API endpoint and populate it? <item key="ValidTokenIssuerPrefixes">[URIs from an…
How to Restrict Domain Users Disjoining Computers from Domain?
Why can domain users disjoin from the AD domain? How can I deny anyone from disjoining or leaving the domain and going back to a workgroup, by GPO or any other way?
Getting error on AD sync configuration.
Hello All, I'm encountering an ADD sync error when attempting to connect my on-premises server to Azure Active Directory (AAD). Could someone please assist me in troubleshooting this…
How can I configure the AD FS federation service so that avatars of users synchronized with Azure AD Connect are displayed and Windows applications are automatically logged in?
Good day! Given: A server running Windows Server 2022 Datacenter, domain: chuc218.ru Is it necessary to: configure the AD Federation Service (AD FS) so that avatars of users synchronized with Azure AD Connect are displayed on client PCs running Windows…
How to remove the "hint" query parameter during AAD B2C password reset flow?
We have set up the password reset exchange as instructed in the docs and are trying to remove the hint query parameter that gets added to the URL when clicking the forgot password link. We do not want it as it is an info leak. Someone else asked a…
Unable to add second ADFS server to existing farm (MSSQL and gMSA)
Hello, My first Server 2019 ADFS server is working fine, but for HA purposes I wanted to add a second one. I already made sure that my GMSA, which is just named "ADFS-GMSA" works fine with my MSSQL server. I was following the instructions here:…
Microsoft Entra Hybrid Join – Devices Stuck in "Pending" Status
Hello Team, We are facing an issue with our on-premises Active Directory (AD) integrated with Active Directory Federation Services (AD FS). We have correctly configured Microsoft Entra hybrid join using Microsoft Entra Connect, following the official…
User ID prompt from AAD hybrid-joined computer
Hi, All of our users are getting prompted for User ID when navigating to portal.azure.com in the browser on the hybrid joined Windows 11 systems. Running dsregcmd /status on any computer on the corp network shows…