Tag Archives: Active Directory Federation Services

#ADFS and #MFA load balancer guidance

When designing Active Directory Federation Services (AD FS) my actual involvement with the networking guys who handle the load balancer configuration is generally limited to a few calls and emails.  We provide some requirements in the forms of availability and … Continue reading

Posted in AD FS, Azure MFA | Tagged , , , , , , , , , | 2 Comments

Multi-Factor Authentication and multiple identity providers

When you implement an additional authentication provider in your Active Directory Federation Services (AD FS) identity provider (IdP) you soon start getting all manner of requests from application owners/managers within the business for multi-factor authentication (MFA) configuration.  For the most … Continue reading

Posted in AD FS | Tagged , , , , , , , , | 2 Comments

Active Directory Federation Services (#ADFS) Single Sign On (SSO) and token lifetime settings

To understand Single Sign-On (SSO) and Persistent Single Sign-On (PSSO) in Active Directory Federation Services (AD FS) you must first understand the authentication cookie.  After the initial logon is validated an authentication cookie is written to the client (typically a … Continue reading

Posted in AD FS | Tagged , , , , , | 1 Comment

Azure Multi-Factor Authentication (#AzureMFA) and Active Directory Federation Services (#ADFS)

Today, implementing Azure Multi-Factor Authentication (MFA) in an hybrid identity and access management solution based on Azure Active Directory (Azure AD, AAD) and Active Directory Federation Services (AD FS) more often than not requires that you implement the on-premises Azure … Continue reading

Posted in AD FS, Azure MFA | Tagged , , , , , | 9 Comments

The use of Distributed Key Manager (DKM) in Active Directory Federation Services (AD FS)

Something that crops up quite a lot when you’re involved in planning and designing an Active Directory Federation Services (AD FS) infrastructure is certificates and, for those of you who have worked anywhere where you have to justify your design … Continue reading

Posted in AD FS | Tagged , , , , , , | 2 Comments

AD FS, Enhanced Protection for Authentication (EPA), Chrome and Integrated Windows Authentication (IWA)

Something that I’ve had the misfortune of working on to look into recently was the user experience when accessing federated business apps using a browser that isn’t Internet Explorer.  Suffice to say, my customer has “two” supported browsers: IE (9, … Continue reading

Posted in AD FS, Uncategorized | Tagged , , , , , , , , , , | 5 Comments

Workplace Join failed 0x10dd (a.k.a. how to properly change/set your #ADFS certificates)

This post is really a simple layer-8 issue, but I thought it justified a post as there’s a nuance or two that are worth discussing.  I’m in the process of designing yet another Active Directory Federation Services deployment although this … Continue reading

Posted in AD FS, Troubleshooting | Tagged , , , , , , | 1 Comment