
ADFS 2.0 migration from 2008 R2 to 2012

Hello all, this one I have posted before, but here we go again:

I have completed an ADFS migration from Windows Server 2008 Enterprise R2 to Windows Server 2012 Standard. I performed an in-place upgrade, then restored and configured the ADFS services.

I have followed Microsoft's preparation and migration instructions, but it is obvious that I am missing something.

After migration, my users were being prompted constantly for credentials in their Outlook client. Also, when trying to log into the Office 365 portal, they are unable to authenticate to it; they are instantly redirected to an access denied error as soon as they type their email address. The error is: "403 Forbidden- Access Denied. You do not have permission to view this directory or page with the credentials you provided."

I have updated the trust successfully by issuing the cmdlet: Update-MsolFederatedDomain -DomainName Domain.com. I checked the logs and everything seems to have updated properly.

Any other advice on what to check next?
Asked by: LuiLui77

LuiLui77 (Author) commented:
OK, in IIS I have changed the ADFSAppPool from .NET Framework v4.0 to v2.0. Now when I try to sign into the portal, a popup for credentials is prompted, which is a good sign, but after 3 retries with my known good password, it redirects me to the same error.

Any thoughts?
 
LuiLui77 (Author) commented:
Sorry, the error message is now:

401 - Unauthorized: Access is denied due to invalid credentials

Thank you.
 
Vasil Michev (MVP) commented:
Check your auth methods on IIS, make sure anonymous is enabled on both /adfs and /ls.

Can you log in locally using AD FS? The URL should be something like: https://sts.domain.com/adfs/ls/idpinitiatedsignon.aspx
 
LuiLui77 (Author) commented:
Hi Vasilcho, I checked the IIS authentication methods and changed them to anonymous.

Also, I installed Microsoft updates and, when restarting the machine, got "Trust between the machine and DC failed". It must have been related to a snapshot of the VM at some point.
I reset the machine password with netdom, restarted again, and everything started working.

ADFS is now up and running the way it should be.

Thank you for the help, Vasilcho!
 
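The three things this thread ended up checking (the machine's secure channel to the domain, the ADFSAppPool runtime version, and IIS authentication on the AD FS paths) can be read in one pass. This is an added example, not part of the original posts; the site name "Default Web Site" and the /adfs and /adfs/ls application paths are assumptions, and it must be run elevated on the AD FS server with the WebAdministration module available.

```powershell
# Added example: read-only post-migration check for an IIS-hosted AD FS server.
Import-Module WebAdministration

$site    = 'Default Web Site'     # ASSUMPTION: IIS site hosting AD FS
$appPool = 'ADFSAppPool'          # application pool name as given in the thread
$paths   = '/adfs', '/adfs/ls'    # ASSUMPTION: paths behind "/adfs and /ls"

function Test-AdfsHostHealth {
    $results = @()

    # 1. Machine account secure channel to the domain. $false here is the
    #    "trust between the machine and DC failed" condition that the
    #    thread resolved with a netdom machine password reset.
    $results += [pscustomobject]@{
        Check = 'Domain secure channel'
        Value = (Test-ComputerSecureChannel)
        Note  = 'Expect True'
    }

    # 2. .NET runtime the AD FS application pool is running under.
    $results += [pscustomobject]@{
        Check = "$appPool managedRuntimeVersion"
        Value = (Get-Item "IIS:\AppPools\$appPool").managedRuntimeVersion
        Note  = 'Thread switched this between v4.0 and v2.0'
    }

    # 3. Authentication modes on each AD FS location. Only the anonymous
    #    setting has an expected value, taken from the answer in the thread.
    foreach ($p in $paths) {
        foreach ($mode in 'anonymousAuthentication', 'windowsAuthentication') {
            $attr = Get-WebConfigurationProperty -PSPath 'IIS:\' `
                -Location "$site$p" `
                -Filter "system.webServer/security/authentication/$mode" `
                -Name enabled
            $note = ''
            if ($mode -eq 'anonymousAuthentication') { $note = 'Expect True' }
            $results += [pscustomobject]@{
                Check = "$p $mode"
                Value = $attr.Value
                Note  = $note
            }
        }
    }
    $results
}

Test-AdfsHostHealth | Format-Table -AutoSize
```

Checking the secure channel first is worthwhile on any AD FS server that has been restored from a VM snapshot, since a stale machine account password produces credential prompts and 401 errors that look like an IIS or AD FS misconfiguration.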
