PSRemoting for Office 365 AD FS Configuration

When configuring AD FS for Office 365, one of the final steps is to link Azure AD with the on-premises AD FS deployment.  This should occur only after AD FS and WAP servers have been fully deployed, verified and tested. When linking the AD FS infrastructure with Office 365, we must use the Azure AD…

1

How To Install AD FS 2016 For Office 365 – Part 3

Here we are in part three already!  Previously we completed the below two phases in the AD FS deployment. How To Install AD FS 2016 For Office 365 How To Install AD FS 2016 For Office 365 – Part 2 This post assumes that the domain was previously added as a standard domain, also called…

1

How To Install AD FS 2016 For Office 365 – Part 2

This is the second in a series of three posts which will walk you through installing, configuring and connecting AD FS 2016 to Office 365.  In part one we installed the AD FS server on our corporate network, and tested that it was working. In this second post we need to make the AD FS…

4

How To Install AD FS 2016 For Office 365

This is a step by step guide to installing and configuring Windows Server 2016 Active Directory Federation Services (AD FS) for use with Office 365.  If you still wish to deploy the previous version of AD FS (Windows Server 2012 R2 AD FS), then please start with this post.  For those with a keen eye,…

5

Testing AD FS Signon Page – An Error Occurred

There are many causes for receiving errors when signing onto AD FS.  However some are more genuine than others.  This is a quick tip to check that you are on the right track before diving into the details and potentially spending time troubleshooting when in fact nothing is wrong.  Just lately, for some reason I’m…

3

Load Balancing AD FS Services In Azure RM

As mentioned in this blog’s previous posts on deploying AD FS, one option is to deploy all or part of the AD FS solution in Azure.  This is very valuable if there is insufficient capacity on-premises or if you only have a single datacentre and wish to increase resiliency. Deploying the AD FS solution or…

0

Change AD FS 2012 R2 Service Account Password

One of the added features in AD FS 2012 R2 was the ability to leverage group managed service accounts (gMSA) which obviated the requirement to manually change the password associated with the service account.  See Getting Started with Group Managed Service Accounts for some background on gMSA.  You may also see the term sMSA which…

0

Web Application Proxy Service Not Starting Due to Malformed Configuration File

The below Web Application Proxy (WAP) server had an unexpected issue.  When the machine came back up, it had lost the configuration to allow it to communicate to the AD FS farm.  This is not specifically an VM/Hyper-V/Azure issue, it is more of a WAP issue. Fixing the issue is straight forward, though let’s take…

1

Updating Windows Server 2012 R2 AD FS SSL and Service Certificates

Active Directory Federation Services (AD FS) heavily leverages X.509 certificates to allow the solution to function securely.  As with all of the other certificates that you deploy within your enterprise, there must be a process to manage and renew certificates prior to them expiring.  If a certificate expires this can be summarised quite simply as…

1

AD FS 2012 R2 Web Application Proxy – Re-Establish Proxy Trust

In the Tailspintoys environment, the administrator (moi) was a bit slack.  They let the AD FS 2012 R2 proxy get into a bad state.  The AD FS Proxy was not contacting the AD FS server on the internal network, and this allowed the short lived authentication certificate to expire.  At this point the AD FS…

36