Solved

AD FS (Error - Single Sign-On)

Posted on 2014-01-16
3
807 Views
Last Modified: 2014-02-11
Dear all,

We are running AD FS on a windows 2012 server (SAML 2).
We have set up a Relying party trust, and receive the following error:

Our company name has been changed below to TEST

Error - Single Sign-On
(reference# NGOJCAEF) For security reasons a Response sent via the front channel that contains encrypted Assertion(s) must have a valid signature (but was NOT_PRESENT).
Partner: http://adfs.TEST.net/adfs/services/trust
Target Resource: https://TEST.<relyingparty>.com/biit/

Any help greatly appreciated.
0
Comment
Question by:Simon336697
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 37

Accepted Solution

by:
Mahesh earned 250 total points
ID: 39791272
Any ADFS events error logs would help please

Also have you checked relying party certificate is valid ?

Mahesh
0
 
LVL 20

Assisted Solution

by:compdigit44
compdigit44 earned 250 total points
ID: 39792888
Did you check your XML document to make sure it is valid and in the correct format?

http://stackoverflow.com/questions/10759381/what-is-the-correct-format-for-saml-2-0-assertions
0
 
LVL 1

Author Comment

by:Simon336697
ID: 39851538
Sorry guys gor ghe late response. I will allocate points and revisit this at a later time.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
LDAP Setup 6 63
Exchange, OWA, PROXY 7 63
Is there ldap tool which let us export information? 6 44
Ransomware case 23 103
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
A hard and fast method for reducing Active Directory Administrators members.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question