Management

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 775 other subscribers

Social

  • LinkedIn
  • RSS Feed for Posts
  • Twitter
  • StumbleUpon

(Solved) Several ADFS tips and solutions


Here you find a powershell script which was very useful for me.
All scripts are free of charge, use them at your own risk :

The last few months I’ve had several customers with ADFS problems.

I’ve decided to share the knowledge about these tips and solutions with you:

1 I Found a ADFS diagnostics module in the technet gallery:

https://gallery.technet.microsoft.com/scriptcenter/AD-FS-Diagnostics-Module-8269de31

AD FS Diagnostics Module

The AD FS Diagnostics Module contains commandlets to gather configuration information of an AD FS server, as well as commandlets to perform health checks to detect configuration issues based on common root causes identified during support engagements such as duplicate SPN, certificates not found, DNS records, etc.

Download the module

Place it in : C:\Windows\System32\WindowsPowerShell\v1.0\Modules\ADFSDiagnostics

Activate the module :

import-module adfsdiagnostics

2 Update the Service-Communications SSL certificate of ADFS and WAP servers

https://gallery.technet.microsoft.com/Update-the-Service-9e080ef8#content

Changing the Service-Communications certificate for the Windows Server 2012 R2 ADFS servers and Windows Server 2012 R2 Web Application Proxy servers is sometimes tricky if you are not familiar with the technology.

Basically you need to perform 3 operations:

1. Change the Service-Communications certificate in ADFS.

2. Set the new SSL certificate to be used by the HTTP.sys driver.

3. Give to the ADFS service read access to the private key of the new certificate.

This script will do all of that.

3 Updating Windows Server 2012 R2 AD FS SSL and Service Certificates

https://blogs.technet.microsoft.com/rmilne/2016/03/21/updating-windows-server-2012-r2-adfs-ssl-and-service-certificates/

This site explaines how to update the certificates on ADFS servers

4 HOW TO renew ADFS certificate on federation and WAP proxy server

https://www.vspbreda.nl/nl/ms-office/office-365/certificate/

HOW TO renew ADFS certificate on federation and WAP proxy server

5 ADFS WAP Error The operation stopped due to an unknown general error. Error code 0x8007520c

https://www.vspbreda.nl/nl/ms-office/office-365/wap/

Unable to use the Remote Access Management Console, due to a problem with the certificate.

6 ADFS 3.0 > Unable to logon > “AADSTS50008: SAML token is invalid”

https://www.vspbreda.nl/nl/server-os/server-2012/adfs-unable-logon-aadsts50008-saml-token-invalid/

How to resolve Time sync issues

7 ADFS 3.0 Cannot start service MSSQL$MICROSOFT##WID

https://www.vspbreda.nl/nl/server-os/server-2012/adfs-3-0-cannot-start-service-mssql-microsoft-wid/

When you have problems installing ADFS

8 ADFS : Enable Single Sign-on (SSO) for Edge and Chrome browser

https://www.vspbreda.nl/nl/ms-office/office-365/solved-adfs-enable-single-sign-on-sso-for-edge-and-chrome-browser/

When you have problems, using Single Sign On in Edge of Chrome browsers

9 W2008R2 Error when federating a local domain to Office 365: The connection to SRV.Domain.nl Active Directory Federation Services 2.0 server failed due to invalid credentials.

https://www.vspbreda.nl/nl/server-os/w2008r2-error-when-federating-a-local-domain-to-office-365-the-connection-to-srv-domain-nl-active-directory-federation-services-2-0-server-failed-due-to-invalid-credentials-solved/

Error federating ADFS server

May 15th, 2017 | Tags: , , , | Category: Office-365, Server 2012