Problems testing with ADFS

0

We have the following setup: Windows 2012R2 and Windows 7. We are trying to make the demo work on our machines, but are facing problems.

We followed the instructions to make Windows ADFS work with SAML and we also get positive event messages (it seems) but in the end the login attempts fail.

Events recorded in the security event log:

---------------------------

A Kerberos authentication ticket (TGT) was requested.

 
Account Information:
Account Name: Administrator
Supplied Realm Name: MYDOMAIN
User ID: MYDOMAIN\Administrator
 
Service Information:
Service Name: krbtgt
Service ID: MYDOMAIN\krbtgt
 
Network Information:
Client Address: ::ffff:10.1.10.100
Client Port: 57409
 
Additional Information:
Ticket Options: 0x40810010
Result Code: 0x0
Ticket Encryption Type: 0x12
Pre-Authentication Type: 2
 
Certificate Information:
Certificate Issuer Name:
Certificate Serial Number:
Certificate Thumbprint:
-------------------------------
A Kerberos service ticket was requested.
 
Account Information:
Account Name: Administrator@MYDOMAIN.COM
Account Domain: MYDOMAIN.COM
Logon GUID: {3cd087e2-ab78-2ba3-880c-de12cd3041dc}
 
Service Information:
Service Name: IDP$
Service ID: MYDOMAIN\IDP$
 
Network Information:
Client Address: ::ffff:10.1.10.100
Client Port: 57410
 
Additional Information:
Ticket Options: 0x40810000
Ticket Encryption Type: 0x12
Failure Code: 0x0
Transited Services:
-----------------------------
A Kerberos service ticket was requested.
 
Account Information:
Account Name: Administrator@MYDOMAIN.COM
Account Domain: MYDOMAIN.COM
Logon GUID: {3cd087e2-ab78-2ba3-880c-de12cd3041dc}
 
Service Information:
Service Name: IDP$
Service ID: MYDOMAIN\IDP$
 
Network Information:
Client Address: ::ffff:10.1.10.100
Client Port: 57411
 
Additional Information:
Ticket Options: 0x40810000
Ticket Encryption Type: 0x12
Failure Code: 0x0
Transited Services: -
 
But in the browser the login window reappears again, so it seems we cannot successfully log in. We don't get any further events in the other places (system, application, ADFS or others).
 
web.config:
 
<appSettings>
  <!-- The ADFS endpoint for HTTP POST -->
  <add key="IdpHttpPostServiceUrl" value="http://idp.mydomain.com/adfs/ls" />

  <!-- The ADFS endpoint for HTTP Redirect -->
  <add key="IdpHttpRedirectServiceUrl" value="http://idp.mydomain.com/adfs/ls" />

  <!-- The binding type: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' or 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST' -->
  <add key="SsoBinding" value="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>

  <!-- The Service Provider Issuer ID -->
  <add key="Issuer" value="http://idp.mydomain.com"/>
</appSettings>
 
Any help is greatly appreciated.
 
Yours
 
Andreas
 
edited 11/30/2017 11:14:56 AM
asked 4/7/2015 11:08:45 AM
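A sanity check for the appSettings block posted above, written here as an added example in Python (it is not the poster's or ComponentPro's code). It parses a copy of the posted fragment and flags IdP endpoints that are not HTTPS, an SsoBinding value that is not one of the two SAML 2.0 binding URNs, and an Issuer that names the IdP host rather than the service provider's own identifier (the value ADFS must match in the relying party trust); the https-only expectation for /adfs/ls and the host comparison are the example's own assumptions.

```python
"""Lint the SP-side appSettings shown in the question (constructed example)."""
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

VALID_BINDINGS = {
    "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
    "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
}
URL_KEYS = ("IdpHttpPostServiceUrl", "IdpHttpRedirectServiceUrl")
REQUIRED = URL_KEYS + ("SsoBinding", "Issuer")

# Copy of the posted fragment, without the comments (constructed sample input).
SAMPLE_WEB_CONFIG = """<appSettings>
  <add key="IdpHttpPostServiceUrl" value="http://idp.mydomain.com/adfs/ls" />
  <add key="IdpHttpRedirectServiceUrl" value="http://idp.mydomain.com/adfs/ls" />
  <add key="SsoBinding" value="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
  <add key="Issuer" value="http://idp.mydomain.com"/>
</appSettings>"""


def lint_app_settings(xml_text):
    """Return a list of human-readable findings for an <appSettings> fragment."""
    root = ET.fromstring(xml_text)
    settings = {a.get("key"): a.get("value") for a in root.iter("add")}
    findings = []
    for key in REQUIRED:
        if not settings.get(key):
            findings.append(f"{key}: missing or empty")
    # SAML requests and the signed assertion travel over these endpoints;
    # assumption: the ADFS passive endpoint is only reachable over HTTPS.
    for key in URL_KEYS:
        url = settings.get(key)
        if url and urlparse(url).scheme != "https":
            findings.append(f"{key}: not https ({url})")
    binding = settings.get("SsoBinding")
    if binding and binding not in VALID_BINDINGS:
        findings.append(f"SsoBinding: unknown binding {binding}")
    issuer = settings.get("Issuer")
    if issuer and not urlparse(issuer).scheme:
        findings.append("Issuer: not an absolute URI")
    # The Issuer identifies the SP to ADFS; pointing it at the IdP host is
    # worth a second look against the relying party identifier in ADFS.
    idp_hosts = {urlparse(settings[k]).netloc for k in URL_KEYS if settings.get(k)}
    if issuer and urlparse(issuer).netloc in idp_hosts:
        findings.append("Issuer: same host as the IdP endpoints; confirm it matches "
                        "the relying party identifier configured in ADFS")
    return findings


if __name__ == "__main__":
    for finding in lint_app_settings(SAMPLE_WEB_CONFIG):
        print(finding)
```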

1 Answer

0

Please enable Saml Trace in your application and send us the log file:

Add the following code to your Application_Start event:

[code lang='c#']
// Write a verbose SAML trace to saml.log in the application's base directory
ComponentPro.Saml.SamlSettings.LogWriter = new ComponentPro.Saml.Diagnostics.FileLogWriter(
    AppDomain.CurrentDomain.BaseDirectory + "saml.log",
    ComponentPro.Saml.Diagnostics.LogLevel.Verbose, false);
[/code]
 

 
answered 11/16/2017 12:41:37 AM