troubleshooting Question

Question regarding ADFS Federated Authentication

Avatar of Plagus
PlagusFlag for United Kingdom of Great Britain and Northern Ireland asked on
* Federated Authentication* Active Directory Federation Services (ADFS)Windows Server 2012
1 Comment1 Solution51 ViewsLast Modified:
Hello Experts,

I have a customer who has a web based application sitting on a local IIS server.  The server is in the same domain as the users.
 
Access to the application is via ADFS based Federated Authentication and all is working fine when the users try to access the base application URL (for example https://application.domain.local/homepage).  Accessed in this way the application works flawlessly.  However, if the users start off by trying to access a different page within the application (so not the homepage but, for example, https://application.domain.local/pictures_of_elephants) we see a generic ADFS error as shown below.

The request specified an Assertion Consumer Service URL 'https://servername.local/application_name/AuthServices/Acs' that is not  configured on the relying party 'http://application_1F435F68-B46E-46AF-9691-84B169B8E887'.
Assertion Consumer Service URL: https:// servername.local/application_name /AuthServices/Acs
Relying party: http://application_1F435F68-B46E-46AF-9691-84B169B8E887 

This request failed.

User Action
Use the AD FS Management snap-in to configure an Assertion Consumer Service with the specified URL for this relying party.


I have only limited ADFS experience and I wonder if it is possible that I have missed some configuration steps in ADFS to allow access to other areas of the application aside from the homepage.

Any pointers much appreciated.
ASKER CERTIFIED SOLUTION
Adam Brown
Cloud Security Consultant

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Top Expert 2010

The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.

Join our community to see this answer!
Unlock 1 Answer and 1 Comment.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 1 Comment.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros