Category Archives: Active Directory Federation Services

Identity-related sessions at Microsoft Ignite 2017 in Orlando

Microsoft Ignite 2017 North America in Orlando is only a few weeks away and many of us have begun filling their session builder with interesting sessions, corresponding to their interests and knowledge. I decided to compile a list of the Active Directory, Azure Active Directory, Graph, Group Policy  and Enterprise Mobility + Security (EM+S) related […]


Branding your Hybrid Identity Solution, Part 5: Azure Multi-Factor Authentication Server’s AD FS Adapter implementation

This entry is part 5 of 6 in the series Branding your Hybrid Identity Solution

Once you’ve branded the Active Directory Federation Services (AD FS) and Azure Active Directory pages, you might want to apply your corporate branding to the Active Directory Federation Services Adapter pertaining to your on-premises Azure Multi-Factor Authentication (MFA) Server. For AD FS running on Windows Server 2012 R2, this means that the Azure Multi-Factor Authentication […]


Important Update for Active Directory Federation Services (MS17-019, KB4010320, CVE-2017-0043)

Today, for its March 2017 Patch Tuesday, Microsoft released an important security update for Active Directory Federation Services (AD FS). The security update addresses a vulnerability that could allow information disclosure if an attacker sends a specially crafted request to an ADFS server, allowing the attacker to read sensitive information about the target system..   […]


Branding your Hybrid Identity Solution, Part 4: Active Directory Federation Services

This entry is part 4 of 6 in the series Branding your Hybrid Identity Solution

Active Directory Federation Services (AD FS) plays a huge part in your Hybrid Identity implementation. For colleagues using their domain credentials on domain-joined devices located on-premises , through Kerberos, they gain Single Sign-On (SSO) access to web apps your organization uses. For roaming colleagues, AD FS offers Single Sign-On on a per browser session basis, […]


Branding your Hybrid Identity Solution, Part 2: Recommendations

This entry is part 2 of 6 in the series Branding your Hybrid Identity Solution

Before we go applying changes to our Hybrid Identity implementation, I feel it’s a good time to discuss some of my recommendations for branding. These below five recommendations flow from my own personal experience branding the components of Hybrid Identity implementations.   Built-in branding vs. Full customization For Active Directory Federation Services (AD FS), you […]


KnowledgeBase: Logging in to the Intune Company Portal App results in an error “Could not sign in” on Android phones with Chrome 56, and up

This morning I read a blogpost by John Arnold on the Intune Support TechNet Blog on a strange Intune-related error on Android Phones when accessing the Company Portal app. As it turned out, this is an Active Directory Federation Services (AD FS)-related certificate issue, so I thought I’d share it here as well.   The […]


From the field: Colleagues in specific group encounter error “AADSTS50107 Requested federation realm object does not exist.”

Sometimes, you hit error messages that are just too vague to troubleshoot. I like these kinds of situations. This particular one is especially fun, because it requires some intermediate knowledge of Active Directory Federation Services in Hybrid Identity environments. My favorite subject.   The situation Single Sign-On (SSO) for organizations comes in many shapes and […]


Would you like to manage AD FS on Windows Server 2016, too? No problem!

Yesterday, I blogged on the entirely new Management Pack for Active Directory Domain Services on Windows Server 2016. What I didn’t notice, until now, is that a management pack for Active Directory Federation Services is also available,   About the AD FS MP The Active Directory Federation Services (AD FS) Management Pack provides both proactive […]


Pictures of the Microsoft Community event at Microsoft Hrvatska in Zagreb

The Croatian IT Pro User Group asked me to present a 75-minute session on the ‘Ten most common Mistakes with AD FS and Hybrid Identity’ at Microsoft Hrvatska in Zagreb yesterday. This event was shared with the Croatian IT Pros on the Microsoft Community website, and 56 people decided to sign up for the meeting, […]


Pictures of Microsoft Network 6

As I mentioned last week, I was invited as a speaker for the Microsoft Network 6 event in Neum, Bosnia and Herzegovina. The venue for this event is the Grand Hotel Neum, which is a great hotel with superb conference rooms. Combined with Microsofts great staff and the absolutely delightful weather, speakers and attendees, this […]