ADFS: Excluding a Specific User Group from MFA

Hi there, JJ Streicher-Bremer back again, this time talking about ADFS and multi-factor authentication. I had a need to configure an environment where everyone was required to use multi-factor authentication _except_ for folks in a specific AD group. When looking at the ADFS 3.0 MFA configuration GUI there is a simple way to add users… Read more

ADFS Deep-Dive: Troubleshooting

Just in case if you haven’t seen this series, I’ve been writing an ADFS Deep-Dive series for the past 10 months. Here are links to the previous articles: ADFS Deep-Dive- Primer ADFS Deep-Dive- Comparing WS-Fed, SAML, and OAuth ADFS Deep Dive- Planning and Design Considerations ADFS Deep Dive- Certificate Planning ADFS Deep-Dive- Onboarding Applications Before… Read more

Mailbag: All ADFS All The Time (Issue #11)

Hey y’all Mark and Tom here. Thinks are starting to return to normal so hopefully we should be back to a regular posting schedule. Tom should have some more time since HIS hockey team is already out of the playoffs while mine continues to march on. This mailbag is chalked full of ADFS goodness. Let’s… Read more

Mailbag: Opening Day (Issue #10)

  Hey y’all Mark and Tom here. Bet you thought we’d miss this week too.  We’ve been a bit busy over here so that would mostly explain it. That and I’m in two fantasy baseball leagues this year. My nerdiness extends into sports as well thank you very much. Tom was doing something nerdy as… Read more

Mailbag: Starting To Get The Hang Of This (Issue #9)

Hey y’all Mark, Tom and Hilde back for another mailbag Friday. Keep the questions coming and we’ll keep answering them. This week we are getting back into the Hyper-V pool and always some ADFS goodness. Let’s get into it. FREE Security & The Cloud Virtual Event Domain Admin credentials while installing ADFS .NET versions and… Read more

ADFS Deep-Dive: Onboarding Applications

I’m back with the onboarding of applications post I promised. Of all my ADFS work I’m performed over the last several years, the one reoccurring pain point that customers have is onboarding applications to ADFS. The reason this typically happens to because the ADFS admins don’t usually know what the application owners needs and vice-versa…. Read more

Mailbag: Hildebrand from Azure Land (Issue #8)

Hey y’all, Mark, Tom and Hilde back for another mailbag. Astute readers and or those that have access to a calendar will notice we may have missed a week in our regular posting schedule. I’m not one to point fingers but I will say that Tom was supposed to send over his questions before he… Read more

ADFS Deep Dive: Certificate Planning

The last blog was about planning for ADFS and what questions you should be asking when deploying it. http://blogs.technet.com/b/askpfeplat/archive/2014/11/24/adfs-deep-dive-planning-and-design-considerations.aspx I said that the next blog would be about what conversations and questions you should have with the application owners. After some thought, I’ve changed my mind and decided to write about certificate planning. During almost… Read more

Mailbag: Superbowl Superbag (Issue #6)

 Hey y'all, Mark, Tom and Lakshman are back for another mailbag. All of our NFL teams are out of the playoffs but I promise you this mailbag meets the proper inflation requirements for a blog post. Sorry Boston I had to.  Ok let’s jump into it.   Web Application Proxy Cert Renewal Static IPs on… Read more

Azure Active Directory for the Old-School AD Admin

Greetings! Hilde here to wish you a Happy New Year and to welcome you to the first Monday of 2015 and the first post of 2015 for AskPFEPlat! As you may know from reading my posts here, I tend to reminisce. Well it's the New Year, so here I go again … Anyone out there remember… Read more