In preparation for Office 365 Single Sign-On (SSO), the Active Directory Federation Services (ADFS) role was added a few days ago on Windows Server 2012 R2. All required ADFS configuration went without any hiccups. As a test, I could access the ADFS portal web page internally and externally (through the Web Application Proxy) at the following link:
Just before I was going to change our Office 365 managed domain to federated so we could start using SSO for our Office 365 clients, I noticed that the ADFS portal web page doesn't work anymore?! The Event Viewer ADFS log is complaining (not sure if it's relevant to my problem) about the SSL certificate not containing UPN suffix values:
“The SSL certificate does not contain all UPN suffix values that exist in the enterprise. Users with UPN suffix values not represented in the certificate will not be able to Workplace-Join their devices. For more information, see http://go.microsoft.com/fwlink/?LinkId=311954.”
In the Microsoft link above they are talking about “Configuring Device Registration”… Well, we are not planning to set up and use Workplace Join client devices at this stage. Perhaps we could ignore this error for a moment?!
Strangely enough, I can get to the ADFS portal page internally through this link (with an SSL error warning):
As I mentioned before, the ADFS portal was working without any problems for the past few days and now something has changed. The server was restarted a few times, but I didn't do any reconfiguration of the ADFS services on it. And restarting the ADFS server again... doesn't fix the problem ;-(
Please help me sort out this problem. I'm hoping this can be fixed easily enough so we can continue with our project. Well, since we're not using a federated domain in Office 365, I could potentially re-install the ADFS services again if needed...
Thanks in advance.
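The event quoted in the post is about Device Registration: for Workplace Join, Microsoft requires the AD FS SSL certificate to carry a Subject Alternative Name of the form enterpriseregistration.&lt;upnsuffix&gt; for every UPN suffix in the forest. That requirement has nothing to do with whether the sign-in page loads, so the practical check is to see which SAN entries the bound certificate actually has, whether the federation service name itself is covered, and what the AD FS admin log says. The following script is an added example and is not part of the original post or any reply to it; it assumes an elevated PowerShell session on the 2012 R2 AD FS server with the ADFS and ActiveDirectory (RSAT) modules installed, and uses only the stock cmdlets named in it.

```powershell
# Added example (not from the original post): compare the AD FS SSL certificate
# against the forest's UPN suffixes and collect the state an AD FS outage hinges on.
# Assumptions: elevated session on the AD FS server; ADFS and ActiveDirectory modules present.
Import-Module ADFS
Import-Module ActiveDirectory

# 1. Every UPN suffix in use: forest root, each domain DNS name, plus explicit suffixes.
$forest = Get-ADForest
$upnSuffixes = @($forest.RootDomain) + @($forest.Domains) + @($forest.UPNSuffixes) |
    Sort-Object -Unique

# 2. The certificate actually bound to the federation service endpoint.
$fsName  = (Get-AdfsProperties).HostName
$binding = Get-AdfsSslCertificate | Where-Object { $_.HostName -eq $fsName } | Select-Object -First 1
if (-not $binding) { throw "No SSL binding found for federation service name '$fsName'." }
$cert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Thumbprint -eq $binding.CertificateHash }
if (-not $cert) { throw "Certificate $($binding.CertificateHash) is not in LocalMachine\My." }

# 3. Subject Alternative Names on that certificate (DnsNameList is PowerShell's view of the SAN extension).
$sans = @($cert.DnsNameList | ForEach-Object { $_.Unicode.ToLower() })

Write-Host "Federation service : $fsName"
Write-Host "Certificate        : $($cert.Subject) (expires $($cert.NotAfter))"
Write-Host "SAN entries        : $($sans -join ', ')"

# The service name itself must be covered; a wildcard for its parent zone also counts.
$parentZone = $fsName.Substring($fsName.IndexOf('.') + 1)
$fsCovered  = ($sans -contains $fsName.ToLower()) -or ($sans -contains "*.$parentZone".ToLower())
Write-Host ("Service name covered by SAN: {0}" -f $fsCovered)

# 4. What the logged event refers to: Workplace Join needs enterpriseregistration.<upnsuffix>
# for every UPN suffix. Missing entries break Device Registration only, not the sign-in page.
$missing = foreach ($suffix in $upnSuffixes) {
    $needed = "enterpriseregistration.$suffix".ToLower()
    if ($sans -notcontains $needed) { $needed }
}
if ($missing) {
    Write-Host "Missing Workplace Join SAN entries (affects Device Registration only):"
    $missing | ForEach-Object { Write-Host "  $_" }
} else {
    Write-Host "All UPN suffixes have an enterpriseregistration SAN entry."
}

# 5. Service state and the latest errors from the AD FS admin log, which is where the
# real cause of a broken sign-in page usually shows up.
Get-Service adfssrv | Format-Table Name, Status -AutoSize
Get-WinEvent -LogName 'AD FS/Admin' -MaxEvents 20 -ErrorAction SilentlyContinue |
    Where-Object { $_.LevelDisplayName -in 'Error', 'Critical' } |
    Select-Object TimeCreated, Id, Message |
    Format-List
```

If the script reports the federation service name as covered and the only gaps are enterpriseregistration entries, the UPN-suffix warning is unrelated to the portal outage and the Error/Critical events from the AD FS/Admin log are the place to look next; if the service name is not in the SAN list, or the bound thumbprint no longer matches a certificate in the machine store, the SSL binding itself is the problem.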