This is just a quick post I wanted to share online as this is the second time I was asked/heard about this ADFS 2016 bug. A minor bug exist in ADFS 2016 after upgrading from ADFS 2012 R2, when you have added a custom ADFS illustration picture. When willl I see this bug? Often you …
Continue reading "Minor ADFS 2016 upgrade bug related to custom web theme" »Tag: Active Directory Federation Services
Office 365 / Azure AD: Block sign in for accounts with password hash sync
Expired Active Directory users are still able to sign into Microsoft Office 365 / Azure Active Directory when using password Synchronization If you have made the move from ADFS / PTA to using Azure AD Password Synchronization with SSO you will soon realize that former / terminated employees are still able to sign into Microsoft Office …
Continue reading "Office 365 / Azure AD: Block sign in for accounts with password hash sync" »iOS 11 provides support for OAuth 2.0 (Modern Auth) in the native mail app
With the release of iOS 11.0, the native mail client has now support for OAuth 2.0. OAuth 2.0 is often mentioned as modern authentication and provides some new capabilities like Microsoft Azure Multi-factor Authentication support and allows to using certificates for authentications. Modern Authentication uses a secure token instead of relying on a username and …
Continue reading "iOS 11 provides support for OAuth 2.0 (Modern Auth) in the native mail app" »login.windows.net still needs to be added to trusted sites in Internet Explorer
During some troubleshooting it was discovered that for some reason “https://login.windows.net” needs to added to “IE trusted site” else you wouldn’t get a PRT (Primary Refresh Token) issued in some scenarios. Microsoft have been working on merging the Azure AD Authentication Flows since March 2015, but this still doesn’t seem to be merged end-to-end yet. Source: Simplifying …
Continue reading "login.windows.net still needs to be added to trusted sites in Internet Explorer" »Web Application Proxy 2012 R2 – HTTP to HTTPS redirect
This post applies to Microsoft Web Application Proxy 2012 R2. I recommend that you upgrade to Windows Server 2016 that provides a built-in function within the Web Application Proxy 2016 to perform HTTP to HTTPS direct. See more here Updated post: This post has been updated 07/32/2017. Original post: 25. December 2013 22.15 Performing HTTP …
Continue reading "Web Application Proxy 2012 R2 - HTTP to HTTPS redirect" »Customizing the AD FS Sign-in Pages
I found this article useful for customizing the logon page for the Web Application Proxy.. http://technet.microsoft.com/en-us/library/dn280950.aspx
Continue reading "Customizing the AD FS Sign-in Pages" »