Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Not authorized error 401 The requested resource requires user auhthentication

Posted on 2014-03-10
6
Medium Priority
?
1,213 Views
Last Modified: 2014-12-22
I get this error for ADFS when testing from inside using URL:
https://adfs.domain.com/adfs/ls/idpinitiatedsignon.aspx

Not authorized error 401 The requested resource requires user auhthentication

Please advice.
From outside SSO is working
0
Comment
Question by:claudiamcse
  • 5
6 Comments
 

Author Comment

by:claudiamcse
ID: 39919187
I also get this error when trying to browse to the following https://localhost/adfs/ls/
There was a problem accessing the site. Try to browse to the site again.
If the problem persists, contact the administrator of this site and provide the reference number to identify the problem.
Reference number: 6b1bc739-0815-45cd-8e6e-e57b4224cc2a
0
 

Author Comment

by:claudiamcse
ID: 39919249
I verified that I have the default settings on the ADFS server:

 If AD FS IIS authentication settings are incorrect, or IIS authentication settings for AD FS Federation Services and Proxy Services don't match, one solution is to reset all IIS authentication settings to the default AD FS settings.

I have the correct settings on the ADFS server

Default Web Site/adfs      Anonymous authentication
Default Web Site/adfs/ls      Anonymous authentication
Windows authentication
0
 
LVL 44

Accepted Solution

by:
Vasil Michev (MVP) earned 2000 total points
ID: 39919776
It's normal to get that error if you are accessing https://localhost/adfs/ls/

It it's the https://adfs.domain.com/adfs/ls/idpinitiatedsignon.aspx that is causing problems, check the default auth type you have configured. Some browsers do not support windows integrated auth, so that might be the problem.

Check the following links as well:

http://community.office365.com/en-us/forums/613/t/195089.aspx
http://robspitzer.wordpress.com/2012/04/02/reset-adfs-iis-permissions/
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:claudiamcse
ID: 39923624
It is actually started working now on all browsers except SAFARI after NTLM was moved up above Negotiate option on the Providers options. The resolution is below:
http://social.technet.microsoft.com/Forums/en-US/c9239a89-fbee-4adc-b72f-7a6a9648331f/401-unauthorized-access-is-denied-due-to-invalid-credentials?forum=winserversecurity

From inside using Safari we are never prompted with logon popup from ADFS server. From Outside using Safari Login page loads, but after entering credentials and clicking “Sign In” it returns back to the login page.

Please advice
0
 

Author Comment

by:claudiamcse
ID: 39924063
Disabled Extended Protection for Authentication but still not working from Safari (both outside and inside).

From Inside:
Getting the prompt now from sts.domain.com and after entering the credentials, we get this error in Safari:
Error: Too many redirects occurred trying to open sts.domain.com/adfs/ls

From Outside:
Getting the Form Authentication prompt from ADFS proxy. Then, after entering the credentials, the authentication prompt comes back blank again.
0
 

Author Closing Comment

by:claudiamcse
ID: 40513354
Thank you very much! This resolved the issue
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question