Tag Archives: ADFS

#ADFS, IWA and the WIASupportedUserAgents property

Recently, I’ve found myself answering several questions and writing emails and some change control paperwork on the topic of Integrated Windows Authentication (IWA) in AD FS.  I’m going to commit the behaviour to this blog for posterity and easy (lazy) … Continue reading

Posted in AD FS | Tagged , , , , , , , , , , | Leave a comment

Multi-Factor Authentication and multiple identity providers

When you implement an additional authentication provider in your Active Directory Federation Services (AD FS) identity provider (IdP) you soon start getting all manner of requests from application owners/managers within the business for multi-factor authentication (MFA) configuration.  For the most … Continue reading

Posted in AD FS | Tagged , , , , , , , , | 2 Comments

Active Directory Federation Services (#ADFS) Single Sign On (SSO) and token lifetime settings

To understand Single Sign-On (SSO) and Persistent Single Sign-On (PSSO) in Active Directory Federation Services (AD FS) you must first understand the authentication cookie.  After the initial logon is validated an authentication cookie is written to the client (typically a … Continue reading

Posted in AD FS | Tagged , , , , , | 1 Comment

Adding a link to the #AzureAD Password Reset web site in your #ADFS forms-based sign-in pages

Implementing Azure Active Directory Password Reset?  Want to make it a bit easier for your users who logon to Azure AD using federated identities to get to the self-service password reset and/or unlock portal? Take the following customised forms-based authentication … Continue reading

Posted in AD FS | Tagged , , , , , | Leave a comment

Integrated Windows Authentication (IWA) with Enhanced Protection for Authentication (EPA) and Chrome–it now works!

Some time back I posted quite a popular post describing the effect of a bug in Chrome that prevented the use of Enhanced Protection for Authentication, a.k.a. TLS channel binding, when authenticating via Integrated Windows Authentication (IWA).  I cared about … Continue reading

Posted in AD FS, News | Tagged , , , , , | 1 Comment

Azure Multi-Factor Authentication (#AzureMFA) and Active Directory Federation Services (#ADFS)

Today, implementing Azure Multi-Factor Authentication (MFA) in an hybrid identity and access management solution based on Azure Active Directory (Azure AD, AAD) and Active Directory Federation Services (AD FS) more often than not requires that you implement the on-premises Azure … Continue reading

Posted in AD FS, Azure MFA | Tagged , , , , , | 9 Comments

New WID support limit in AD FS

Excellent news!  The number of supported federation service (FS) servers in a farm with a Windows Internal Database (WID) backend has increased from 5/10 to 30: A WID farm has a limit of 30 federation servers if you have 100 … Continue reading

Posted in AD FS, Uncategorized | Tagged , , , , , , | 4 Comments