Category Archives: Active Directory Federation Services

An important update addresses a Spoofing Vulnerability in AD FS

Yesterday, for its September 2020 Patch Tuesday, Microsoft released an important security update for Active Directory Federation Services (AD FS). About the vulnerability A spoofing vulnerability exists when Active Directory Federation Services (AD FS) on Windows Server 2016 and Windows Server 2019 improperly handles multi-factor authentication requests. This vulnerability is described in detail in CVE-2020-0837. […]

0  

On-premises Identity updates & fixes for August 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for August 2020:   Windows Server 2016 We observed the following updates for Windows Server 2016: KB4571694 August 11, 2020 The […]

0  

KnowledgeBase: You can’t manage AD FS with non-domain-joined Azure AD Connect installations

Azure AD Connect is Microsoft's free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments and LDAP v3-compatible directories to Azure Active Directory. One of the neat tricks Azure AD Connect has up its sleeve is the ability to implement Active Directory Federation Services (AD […]

0  

On-premises Microsoft Identity-related updates and fixes for May 2020

Even though Microsoft's Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for May 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4556813 May 12, 2020 The May […]

0  

KnowledgeBase: To manage non-domain-joined Web Application Proxies with Azure AD Connect you need additional configuration on both sides

Azure AD Connect is Microsoft's free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments and LDAP v3-compatible directories to Azure Active Directory. However, you can also use it to set up and manage your organization’s Active Directory Federation Services (AD FS) implementation. This works […]

0  

A Real-world tested Approach for Transitioning Web Application Proxy Servers

This entry is part 2 of 2 in the series Transitioning AD FS and Web Application Proxy Servers

We’ve migrated many AD FS implementations from Windows Server 2012 R2 to Windows Server 2016 and beyond. This blogpost intends to share our experiences during these migrations, so you can take advantage of them during your migrations.   How we migrate In general, we migrate Web Application Proxy servers by adding additional Web Application Proxies […]

0  

A Real-world tested Approach for Transitioning AD FS Servers

This entry is part 1 of 2 in the series Transitioning AD FS and Web Application Proxy Servers

We’ve migrated many Active Directory Federation Services (AD FS) implementations from Windows Server 2012 R2 to Windows Server 2016 and beyond. This blogpost intends to share our experiences during these migrations, so you can take advantage of them during your migrations.   How we migrate In general, we migrate AD FS servers by adding additional […]

4  

KnowledgeBase: You receive error ‘AADSTS5000812: The SAML 1.1 credential must contain exactly one or zero claims of type ImmutableID’ when signing into Azure AD-integrated resources

In Hybrid Identity implementations, Active Directory Domain Services (AD DS), Active Directory Federation Services (AD FS) and Azure AD work together to authenticate people in your organization, so that they can work with Azure AD-integrated resources like Office 365. Sometimes, the constellation fails and you get an error page, instead of reaching the desired application, […]

0  

On-premises Identity updates & fixes for February 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for February 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4537764 February 11, 2020 The February […]

1  

On-premises Identity updates & fixes for January 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for January 2020:   Windows Server 2016 We observed the following updates for Windows Server 2016: KB4534271 January 14, 2020 The […]

0