Category: ADFS

Sign-in to Azure AD with email as an alternate login ID (still in Preview)

What will work? Only emails in verified domains for the tenant are synchronized to Azure AD. Each Azure AD tenant has one or more verified domains, for which you have proven ownership, and are uniquely bound to you tenant. One…

Continue Reading Sign-in to Azure AD with email as an alternate login ID (still in Preview)

Continuous Access Evaluation and working with tokens

Access, ID, and SAML2 ID tokens are JSON web tokens (JWT). These ID tokens consist of a header, payload, and signature. The header and signature are used to verify the authenticity of the token, while the payload contains the information about…

Continue Reading Continuous Access Evaluation and working with tokens

What’s new with AAD Connect V2 and why to migrate?

History of AAD Connect User synchronization solutions has been here for a long time and they have evolved all the time, sometimes faster sometimes slower. Middle of September Microsoft released a new main version from Azure AAD Connect and the…

Continue Reading What’s new with AAD Connect V2 and why to migrate?

Enterprise applications SSO with custom manifest configuration

Hi, Didn’t find an article about this, so I decided to gather the pieces and put them in one place. First little bit of background. You have Azure AD and  on-premises or cloud-based application that you want to allow SSO…

Continue Reading Enterprise applications SSO with custom manifest configuration

ADFS-failover PrimaryServer to Secondary.

Active Directory Federation Services can be installed in a farm. There can be maximum of 5 ADFS-servers in a farm using locally installed SQL Express. When You add in the sixth, You will have to install Full SQL-Server instance for…

Continue Reading ADFS-failover PrimaryServer to Secondary.

Java and Shibboleth authentication with Azure REST API and ADFS.

The last blog entry was about setting up Onpremise AD with Office 365 and ADFS. So now to the instresting part. I’m going a little bit awol with this, as I’m not a coder. First about Azure authentication. https://docs.microsoft.com/en-us/azure/app-service-api/app-service-api-whats-changed#authentication And specially…

Continue Reading Java and Shibboleth authentication with Azure REST API and ADFS.

Azure AD Connect with ADFS customization.

So scenario was this. Customer has an Office 365 tenant all ready in-place. The users in Onpremise AD have SamAccountNames as UserPrincipalNames. The next step Is obvious. Add UPN-suffix and change UserPrincipalName to match email address. Then add mail-attribute for…

Continue Reading Azure AD Connect with ADFS customization.

Sorry we’re having trouble signing you in with Office 365

Does this look familiar to You? If so you are not alone and the fix is. Delete Relaying Party Trust for Office 365: And then update federation data with this.

or

http://support.microsoft.com/kb/2647048  And it works also with ADFS…

Continue Reading Sorry we’re having trouble signing you in with Office 365