Subject: Problems testing with ADFS
Date: 2015-04-07 11:08:45
From: Andreas Soehnlein
Source: problems-testing-adfs
----------------------------------------------------------------------

We have the following setup: Windows 2012R2 and Windows 7. We are trying to make the demo work on our machines, but are facing problems.

We followed the instructions to make Windows ADFS work with SAML and we also get positive event messages (it seems) but in the end the login attempts fail.

Events recorded in the security event log:

---------------------------

A Kerberos authentication ticket (TGT) was requested.

 
Account Information:
Account Name: Administrator
Supplied Realm Name: MYDOMAIN
User ID: MYDOMAIN\Administrator
 
Service Information:
Service Name: krbtgt
Service ID: MYDOMAIN\krbtgt
 
Network Information:
Client Address: ::ffff:10.1.10.100
Client Port: 57409
 
Additional Information:
Ticket Options: 0x40810010
Result Code: 0x0
Ticket Encryption Type: 0x12
Pre-Authentication Type: 2
 
Certificate Information:
Certificate Issuer Name:
Certificate Serial Number:
Certificate Thumbprint:
-------------------------------
A Kerberos service ticket was requested.
 
Account Information:
Account Name: Administrator@MYDOMAIN.COM
Account Domain: MYDOMAIN.COM
Logon GUID: {3cd087e2-ab78-2ba3-880c-de12cd3041dc}
 
Service Information:
Service Name: IDP$
Service ID: MYDOMAIN\IDP$
 
Network Information:
Client Address: ::ffff:10.1.10.100
Client Port: 57410
 
Additional Information:
Ticket Options: 0x40810000
Ticket Encryption Type: 0x12
Failure Code: 0x0
Transited Services:
-----------------------------
A Kerberos service ticket was requested.
 
Account Information:
Account Name: Administrator@MYDOMAIN.COM
Account Domain: MYDOMAIN.COM
Logon GUID: {3cd087e2-ab78-2ba3-880c-de12cd3041dc}
 
Service Information:
Service Name: IDP$
Service ID: MYDOMAIN\IDP$
 
Network Information:
Client Address: ::ffff:10.1.10.100
Client Port: 57411
 
Additional Information:
Ticket Options: 0x40810000
Ticket Encryption Type: 0x12
Failure Code: 0x0
Transited Services: -
 
But in the browser the login window reappears again, so it seems we cannot successfully log in. We don't get any further events in the places (system, application, adfs or others).
 
web.config

  <appSettings>
    <!-- The ADFS's endpoint for HTTP POST -->
    <add key="IdpHttpPostServiceUrl" value="http://idp.mydomain.com/adfs/ls" />

    <!-- The ADFS's endpoint for HTTP Redirect -->
    <add key="IdpHttpRedirectServiceUrl" value="http://idp.mydomain.com/adfs/ls" />

    <!-- The binding type 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST' or 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' -->
    <add key="SsoBinding" value="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>

    <!-- The Service Provider Issuer ID -->
    <add key="Issuer" value="http://idp.mydomain.com"/>
  </appSettings>
 
Any help is greatly appreciated.
 
Yours
 
Andreas
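
Added example, not part of the original post: a Python parser for event text in the layout pasted above (the 4768 TGT and 4769 service-ticket events) that decodes the hex fields, so the Result/Failure Code and ticket options can be read directly. The sample text is constructed from the post's field layout, and the names parse_events and decode are hypothetical.

```python
import re

# Constructed sample, abridged from the field layout shown in the post.
SAMPLE = """\
A Kerberos authentication ticket (TGT) was requested.
Account Name: Administrator
Service Name: krbtgt
Client Address: ::ffff:10.1.10.100
Ticket Options: 0x40810010
Result Code: 0x0
Ticket Encryption Type: 0x12
-----------------------------
A Kerberos service ticket was requested.
Account Name: Administrator@MYDOMAIN.COM
Service Name: IDP$
Ticket Options: 0x40810000
Ticket Encryption Type: 0x12
Failure Code: 0x0
"""

# RFC 4120 KDCOptions bit numbers (bit 0 is the most significant of 32).
KDC_OPTIONS = {1: "forwardable", 2: "forwarded", 3: "proxiable", 4: "proxy",
               8: "renewable", 15: "canonicalize", 27: "renewable-ok",
               28: "enc-tkt-in-skey", 30: "renew", 31: "validate"}
ETYPES = {0x11: "aes128-cts-hmac-sha1-96", 0x12: "aes256-cts-hmac-sha1-96", 0x17: "rc4-hmac"}

def parse_events(text):
    """Split on dashed separator lines and read 'Key: value' fields per event."""
    events = []
    for chunk in re.split(r"(?m)^-{5,}\s*$", text):
        lines = [l.strip() for l in chunk.splitlines() if l.strip()]
        if not lines:
            continue
        fields = {}
        for line in lines[1:]:
            # Split on the first colon only, so IPv6 values such as ::ffff:... survive.
            key, sep, value = line.partition(":")
            if sep:
                fields[key.strip()] = value.strip()
        events.append({"title": lines[0], "fields": fields})
    return events

def decode(event):
    f = event["fields"]
    # TGT events report "Result Code", service-ticket events "Failure Code"; 0x0 = no KDC error.
    code = int(f.get("Result Code", f.get("Failure Code", "0xffffffff")), 16)
    opts = int(f["Ticket Options"], 16)
    flags = [name for bit, name in KDC_OPTIONS.items() if opts & (1 << (31 - bit))]
    etype = int(f["Ticket Encryption Type"], 16)
    return {"service": f["Service Name"], "issued": code == 0,
            "options": flags, "etype": ETYPES.get(etype, hex(etype))}
```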
 

 

 

 

----------------------------------------------------------------------
Note: This question has been asked on the Q&A forum of Thang Dang's fraudulent ComponentPro brand. If you purchased anything from ComponentPro, you have been scammed. Contact the payment processor who sold you the license and ask for your money back.