Kerberos Issues November 2022
The November 8, 2022 and later Windows updates address a security bypass and elevation of privilege vulnerability with Authentication Negotiation by … Read the rest “Kerberos Issues November 2022”
AD FS
Active Directory Federation Services
Check If AD FS WSTrust Endpoint Enabled
Active Directory Federation Services (AD FS) uses endpoints to provide access to features. There are a series of different endpoints which each serve… Read the rest “Check If AD FS WSTrust Endpoint Enabled”
Sign-In Error 5000811 — Unable to verify token signature. The signing key Identifier Does Not Match Any Valid Registered Keys
The error message "Sorry, that didn’t work. Please go back to office.com and try again” is probably one of the most vague that I've seen. It's up the… Read the rest “Sign-In Error 5000811 — Unable to verify token signature. The signing key Identifier Does Not Match Any Valid Registered Keys”
AD FS Web Application Proxy Re-Establish Proxy Trust
In the Tailspintoys environment the AD FS Proxy was offline for month. It was unable to contact the AD FS server on the internal network, and this al… Read the rest “AD FS Web Application Proxy Re-Establish Proxy Trust”
Defender For Identity Sensor Service Fails To Start on AD FS – Sequence Contains No Elements
After installing Defender for Identity sensor onto AD FS, you may experience an issue where the service does not enter the running state.
In the Micros… Read the rest “Defender For Identity Sensor Service Fails To Start on AD FS – Sequence Contains No Elements”
AD FS Extranet Smart Account Lockout Protection
Windows Server 2012 R2 AD FS added the Extranet Account Lockout protection feature. The intent of Extranet Account Lockout protection is to add an ad… Read the rest “AD FS Extranet Smart Account Lockout Protection”
Unable to Edit WAP Published Application in Mixed Mode Farm
During the upgrade process it is expected that there will be multiple versions of AD FS and WAP servers operating in a farm at a given time. Thi… Read the rest “Unable to Edit WAP Published Application in Mixed Mode Farm”
Unable To Access WAP AD FS Proxy Instance Externally
When deploying AD FS and Web Application Proxy it is common to run into some networking issues. Normally this is due to firewall rules not being set … Read the rest “Unable To Access WAP AD FS Proxy Instance Externally”
Get-AdfsProperties Error ADMIN0120
The below is an issue which caused this week’s customer a little stress. They wanted to review the current AD FS configuration, but were not able to … Read the rest “Get-AdfsProperties Error ADMIN0120”
Connect to AD FS 2016 WID Using SQL Server Management Studio
As part of troubleshooting a recent Windows Server 2016 AD FS issue, I wanted to take a look at the database using SQL Server Management Studio (SSMS)… Read the rest “Connect to AD FS 2016 WID Using SQL Server Management Studio”