How do I get the Initiated Signon Page for ADFS 3.0 to display for my new setup?

Posted on 2014-07-30
Last Modified: 2014-07-30
I am in the process of setting up my first ADFS on Server 2012 R2, but get a "This Page Cannot Be Displayed".

external domain: domain.com
internal domain: home.domain2.com
using split dns

I am using a standard SSL cert from GoDaddy: adfs.domain.com

When testing by going to https://adfs.domain.com/adfs/ls/IdpInitiatedSignon.aspx I get a "This Page Cannot Be Displayed".

If I go to the URL https://localhost/adfs/ls/IdpInitiatedSignon.aspx the page does display.

I see this warning in the event log: The SSL certificate does not contain all UPN suffix values that exist in the enterprise. Users with UPN suffix values not represented in the certificate will not be able to Workplace-Join their devices.

I've added an A host record in DNS where adfs = the IP of the ADFS server.

What am I missing? Do I need to add the local domain to my certificate?

I've been following this document: http://goodworkaround.com/node/53
Question by:ohmErnie
Accepted Solution

by: Cliff Galiher
ID: 40230399
Use something like the developer tools in IE or Firefox's Firebug to see the actual HTTP requests and replies. "This page cannot be displayed" is usually not SSL related, but usually there is a number code or a "more information" link to provide details of the error the browser encountered. Without more information, it is all speculation. If I had to guess, it is a DNS issue, either with how split DNS was set up or with a cached entry. But it is a guess in the dark at this point.
Author Comment

by:ohmErnie
ID: 40230977
It was a DNS issue.  I had an incorrect A record.
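
The checks this thread points to (wrong A record, split DNS, cached entry, the real error behind the browser page), as an added PowerShell example that is not part of the original posts. `$ExpectedIp` and `$DnsServers` are placeholder values; the federation name and URL are the ones from the question.

```powershell
# Added example: placeholder values, replace before running.
$FederationName = 'adfs.domain.com'   # federation service name from the question
$ExpectedIp     = '192.0.2.10'        # placeholder: address of the ADFS server
$DnsServers     = @('192.0.2.53')     # placeholder: resolvers to compare (each side of the split DNS)

# 1. Ask each resolver directly, using the DNS protocol only (no LLMNR/NetBIOS).
foreach ($server in $DnsServers) {
    $ips = @(Resolve-DnsName -Name $FederationName -Type A -Server $server -DnsOnly -ErrorAction SilentlyContinue |
             Where-Object { $_.IPAddress } | ForEach-Object { $_.IPAddress })
    if ($ips.Count -eq 0)               { $state = 'NO A RECORD' }
    elseif ($ips -contains $ExpectedIp) { $state = 'ok' }
    else                                { $state = 'MISMATCH' }
    '{0,-15} -> {1,-30} {2}' -f $server, ($ips -join ', '), $state
}

# 2. What this machine may be using instead: cached answers and hosts-file overrides.
Get-DnsClientCache -Entry $FederationName -ErrorAction SilentlyContinue |
    Select-Object Entry, Data, TimeToLive
Select-String -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Pattern ([regex]::Escape($FederationName))

# 3. Is anything listening on 443 at the address the name resolves to?
$tcp = Test-NetConnection -ComputerName $FederationName -Port 443
'Resolved to {0}, TCP 443 reachable: {1}' -f $tcp.RemoteAddress, $tcp.TcpTestSucceeded

# 4. Request the sign-on page and print the underlying error rather than a generic browser page.
$uri = "https://$FederationName/adfs/ls/IdpInitiatedSignon.aspx"
try {
    $resp = Invoke-WebRequest -Uri $uri -UseBasicParsing -TimeoutSec 15
    "HTTP $($resp.StatusCode) from $uri"
} catch {
    "Request to $uri failed: $($_.Exception.Message)"
    if ($_.Exception.InnerException) { "  inner: $($_.Exception.InnerException.Message)" }
}
```

A `MISMATCH` in step 1 combined with a working `https://localhost/...` request is the pattern described in this thread: the service is up, but the name points somewhere else.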