Trying to brand / customize my ADFS 4.0 (Windows Server 2016) Sign-In Page

Hi, I am nearing completion of my new Windows Server 2016 ADFS (4.0) implementation...finally.  Woohoo!!!

Now, I am working on branding the Sign-In page and am trying to figure out how to remove (or hide) the default "Sign in to this site." selection, because I can see this confusing end users.  I would like to only display the drop-down options for end users to choose from and then sign-in.

SSCC Sign-In Page Examples / Tests


I have been reading up on branding Sign-In pages via Microsoft Windows IT Pro Center - AD FS User Sign-In Customization


However, it doesn't mention anything, that I could find, about this question/area of the sign-in page.


Any help, assistance, links, suggestions, recommendations are greatly appreciated.




Let me know if you need further details to assist.



Thanks in advance.
C--Users-rsnellman-Desktop-SSCC_ADFS.jpg
rsnellmanIT ManagerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Peter HutchisonSenior Network Systems SpecialistCommented:
There is one file you can change the text appearing on ADFS login page :

c:\inetpub\adfs\ls\App_GlobalResources\CommonResources.en.resx

Change the value text for the following data entries:
FormsSignInPageTitle
SelectAsiteRadioButtonText
SignInOtherSiteRadioButtonText
0
rsnellmanIT ManagerAuthor Commented:
Hi, Peter.  Thanks for your reply.  However, this is not so or at least I cannot find it under the root of either the ADFS 4.0 (Windows Server 2016) server or on the ADFS 4.0 Web App Proxy (WAP) (Windows Server 2016) server.

Microsoft removed IIS dependencies when they released Windows Server 2012 R2 ADFS server role and continued it with Windows Server 2016 ADFS server role.

I really would like to know where these default files (images, etc.) are located on the ADFS 4.0 server so I could store my custom images there too, but it is a needle in a hay stack of needles at this point.


Any other ideas?


Thanks.
0
rsnellmanIT ManagerAuthor Commented:
A little side track, but does anyone know why when I sign out of a federated trust service (i.e. Canvas, Blackboard, etc.) from their side then go back to my SSCC Sign-In Page, the page indicates I am still logged into services and if I would like to log out of them?

And if I don't but go back to the cloud service (i.e. Canvas, Blackboard, etc.) it allows me in without authenticating, as if I am still connected when I requested it to log me out previously.


Trying to figure out if there is a setting I need to change, obviously, and where that setting would be located or setting to change?


Thanks.
C--Users-rsnellman-Desktop-SSCC_ADFS.JPG
0
Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

rsnellmanIT ManagerAuthor Commented:
Would I be looking at adjusting the ADFS Federation Service Properties / Web SSO lifetime (minutes): 480 ?

That is the default for the web sso lifetime.  Not sure how that will affect users logged in to their cloud services.


Just trying to figure this out.


Thanks.
0
Peter HutchisonSenior Network Systems SpecialistCommented:
Sorry, my suggestion was for ADFS 2.0, not 4.0. I will see if I can find the files for ADFS 4.0 for you.
0
Peter HutchisonSenior Network Systems SpecialistCommented:
For ADFS 3 or later you need to create a custom theme for ADFS and then modify the onload.js file to customize it.
 New-AdfsWebTheme –Name custom –SourceName default
 Export-AdfsWebTheme –Name default –DirectoryPath c:\theme
 Edit onload.js
 Set-AdfsWebTheme -TargetName custom -AdditionalFileResource @{Uri=’/adfs/portal/script/onload.js’;path="c:\theme
 Set-AdfsWebConfig -ActiveThemeName custom  

See Advanced customization of AD FS Sign-in pages
https://docs.microsoft.com/en-gb/windows-server/identity/ad-fs/operations/advanced-customization-of-ad-fs-sign-in-pages

ADFS user sign in customization
https://docs.microsoft.com/en-gb/windows-server/identity/ad-fs/operations/ad-fs-user-sign-in-customization
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rsnellmanIT ManagerAuthor Commented:
Thanks again Peter.

One last question that came up as I finalize the development of the ADFS 4.0 Sign-In Page.

Is there a way to customize individual login services on the same ADFS 4.0 server/services?

If you have multiple relying party trusts on the same ADFS 4.0 server it creates a drop-down list, but it looks like the customizing of the sign-in page is global and appears the same for actually every sign-in page even if the sign-in pages point to different cloud services/vendors/partners.


Hopefully, I am making sense, if not let me know and I will try to elaborate.


Thanks again.
0
Peter HutchisonSenior Network Systems SpecialistCommented:
Good question. To be honest, I do not know. Maybe someone else may help.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2016

From novice to tech pro — start learning today.