We help IT Professionals succeed at work.
Get Started

Sharepoint authentication cross forest

Last Modified: 2020-01-27

I have a domain (domain1.local) with adfs and sharepoint. I want to have some users that are part of another forest (domain2.local) authenticate through adfs to access sharepoint.
I have a full 2-way trust between the domains. Is there another configuration needed in the adfs side to get the authentication to work? I can add new claims and pinpoint to groups in the forest domain2.local, but i get the following error:
Encountered error during federation passive request.

Additional Data

Protocol Name:

Relying Party:

Exception details:
Microsoft.IdentityServer.AuthenticationFailedException: testuser@domain2.local-The user name or password is incorrect ---> System.IdentityModel.Tokens.SecurityTokenValidationException: testuser@domain2.local ---> System.ComponentModel.Win32Exception: The user name or password is incorrect
Watch Question
IT Administrator
This problem has been solved!
Unlock 1 Answer and 3 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant

An Experts Exchange subscription includes unlimited access to online courses.

Get Started
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE