Andy
asked on
ADFS 3.0 SSO issue with credential request
Hi,
We have an internal only ADFS 3.0 farm (Server 2012 R2) of 2 servers (Primary and Secondary - confirmed) which are load balanced
DNS is setup using a zone called adfs.company,com containing a blank A record pointing to the VIP
SSO works fine for myself
Other users are having issues with SSO where it is prompting them for credentials
The primary browser is IE11
adfs.company.com has been added to the local intranet sites and set to use automatic logon in the intranet zone
We tried the following SSO tests with one of the users with issues:
My PC: Works as myself, works as the user
User PC: Works as me, doesn't work as the user
So this proves that ADFS is working correctly, as it works for me, and for the user on my PC, but there is something not quite right somewhere which I can;t seem to work out. I can't replicate the issue on my PC.
Any assistance gratefully received.
Thanks,
Andy
We have an internal only ADFS 3.0 farm (Server 2012 R2) of 2 servers (Primary and Secondary - confirmed) which are load balanced
DNS is setup using a zone called adfs.company,com containing a blank A record pointing to the VIP
SSO works fine for myself
Other users are having issues with SSO where it is prompting them for credentials
The primary browser is IE11
adfs.company.com has been added to the local intranet sites and set to use automatic logon in the intranet zone
We tried the following SSO tests with one of the users with issues:
My PC: Works as myself, works as the user
User PC: Works as me, doesn't work as the user
So this proves that ADFS is working correctly, as it works for me, and for the user on my PC, but there is something not quite right somewhere which I can;t seem to work out. I can't replicate the issue on my PC.
Any assistance gratefully received.
Thanks,
Andy
ASKER
Hi Footech,
I'm adding the site as a local intranet site in GPO under site to zone assignment.
adfs.company.com 1
It does feel like browser settings to me but so far unable to find exactly what the issue is.
Thanks :-)
Andy
I'm adding the site as a local intranet site in GPO under site to zone assignment.
adfs.company.com 1
It does feel like browser settings to me but so far unable to find exactly what the issue is.
Thanks :-)
Andy
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Footech,
It appears it's not a setting my end, the SaaS implementor had incorrect settings on their end!
Regarding the one user with the odd issue, I suspect she has some weird setting.
Regards,
Andy
It appears it's not a setting my end, the SaaS implementor had incorrect settings on their end!
Regarding the one user with the odd issue, I suspect she has some weird setting.
Regards,
Andy
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Glad you got it worked out.
I appreciate the willingness to give me points via the assist, but I don't think any of my suggestions approached being close to the answer you discovered.
I appreciate the willingness to give me points via the assist, but I don't think any of my suggestions approached being close to the answer you discovered.
ASKER
Issue was a setting on the SaaS side, as suspected was not an ADFS issue.
How is this being set?