Categories
ADFS ADFS 3.0 Azure Azure Active Directory Azure AD AzureAD

Decommission ADFS When Moving To Azure AD Based Authentication

I am doing a number of ADFS to Azure AD based authentication projects, where authentication is moved to Password Hash Sync + SSO or Pass Through Auth + SSO. Once that part of the project is complete it is time to decommission the ADFS and WAP servers. This guide is for Windows 2012 R2 installations […]

Categories
ADFS 3.0 Office 365

ADFS Service Login Failures and a Simple Fix

If you find on restarting your ADFS server that you get the following event IDs in System event log, 7038, 7034 and 7000 that read as the following: The adfssrv service was unable to log on as DOMAIN\adfssvc$ with the currently configured password due to the following error: The user name or password is incorrect. […]

Categories
2012 R2 ADFS 3.0

Checking for Login Issues with AD FS and Office 365

This post will look at how you can view login errors in AD FS, trace them back to the Event Viewer on your AD FS server(s) and then help the user login correctly. Unlike earlier versions of ADFS it is not required to enabled config files and registry keys to turn on additional logging. All […]

Categories
2008 2008 R2 2012 2012 R2 active directory ADFS 3.0 Azure Azure Active Directory cloud exchange exchange online groups hybrid IAmMEC Office 365 WAP Web Application Proxy windows

Configuring Sync and Writeback Permissions in Active Directory for Azure Active Directory Sync

[Last updated 11th November 2019 – added support for Exchange Server automapping support, which was announced during Microsoft Ignite 2019 and will be supported in the first half of calendar year 2020. This is supported by adding writeback for msExchDelegateListBL and msExchDelegateListLink attributes. The below Exchange Hybrid writeback script has been updated to support these […]

Categories
ADFS ADFS 2.0 ADFS 3.0 IAmMEC MDM Mobile Device Management Multi-Factor Authentication OD4B ODFB Office 365 OneDrive OneDrive For Business OWA for Devices

Office 365 MDM (Mobile Device Management) From A Users Perspective

The following list of steps and screenshots are taken during the enrolment process to add an iPhone and an Android phone to Office 365 once the free MDM solution that comes with Office 365 is enabled for the user. Step Details Image from iPhone Image from Android 1. Once your IT Administrator enables MDM for […]

Categories
2013 activesync ADFS ADFS 3.0 exchange online https Office 365 Outlook OWA for Devices Web Application Proxy

Continuing Adventures in AD FS Claims Rules

Updated 20th April 2017 There is an excellent article at http://blogs.technet.com/b/askds/archive/2012/06/26/an-adfs-claims-rules-adventure.aspx which discusses the use of Claims Rules in AD FS to limit some of the functionality of Office 365 to specific network locations, such as being only allowed to use Outlook when on the company LAN or VPN or to selected groups of users. […]

Categories
2012 R2 2013 ADFS ADFS 3.0 Office 365

Intermittent Error 8004789A with AD FS and WAP 3.0 (Windows Server 2012 R2)

This error appears when you attempt to authenticate with Office 365 using AD FS 3.0 – but only sometimes, and often it was working fine and then it starts! I’ve found this error is due to two things, though there are other reasons. The full list of issues is at http://blogs.technet.com/b/applicationproxyblog/archive/2014/05/28/understanding-and-fixing-proxy-trust-ctl-issues-with-ad-fs-2012-r2-and-web-application-proxy.aspx. I found that this […]

Categories
2012 2012 R2 ADFS ADFS 3.0 certificates IAmMEC Office 365 WAP Web Application Proxy

Changing AD FS 3.0 Certificates

I am quite adept at configuring certificates and changing them around, but this one took me completely by surprise as it has a bunch of oddities to consider. First the errors: Web Application Proxy (WAP) reported 0x80075213. In the event log the following: The federation server proxy could not establish a trust with the Federation […]