ADFS

From Piszczynski
Revision as of 20:18, 10 September 2021

ADFS Issues

When SSO stops working (for example on intranet login), work through the following on the WAP server(s):

First check in MMC (Certificates snap-in, local computer store) on the WAP server that the normal wildcard certificate has not expired.

If all certificates are within their validity period, check which certificate is actually bound to the HTTPS endpoint and inspect that one. WAP does not serve through an IIS site; the binding lives in HTTP.sys, so "netsh http show sslcert" or Get-WebApplicationProxySslCertificate shows the thumbprint that is currently bound.

In MMC, double-click the bound certificate, open the Details tab and copy the Thumbprint value into Notepad, removing all the spaces (this hex string is the SHA-1 hash of the certificate, not a key). Copying from that dialog can also pick up an invisible leading character, so check that what remains is exactly 40 hex digits.

Then in PowerShell on the WAP server(s) run the following command (replace the placeholders with the thumbprint and the federation service name):

  • Install-WebApplicationProxy -CertificateThumbprint "<certificate thumbprint>" -FederationServiceName <fs.domainname.com>

You will be prompted for domain administrator credentials (the account needs administrator rights on the AD FS server, because the command re-establishes the trust between the proxy and the federation service). Once complete you should get the following output:

Message                                   Context              Status
-------                                   -------              ------
The configuration completed successfully. DeploymentSucceeded Success

If this fails, check the AD FS servers themselves first (their own certificate binding with Get-AdfsSslCertificate, and the AD FS Admin event log) before falling back to rebooting them (reboots are not ideal).
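The whole check-and-rebind procedure above as one script, run in an elevated PowerShell on the WAP server. This is an added example, not code from the original page: it assumes the federation service name fs.domainname.com (the page's placeholder), that the certificate sits in the LocalMachine\My store with its private key, and that Get-WebApplicationProxySslCertificate returns objects with HostName, PortNumber and CertificateHash properties. It takes the thumbprint from the certificate object instead of from a copy-paste, so the spaces and the hidden character problem never arise, and it prompts for the trust credential rather than embedding a password.

```powershell
# Added example (not from the original page): verify and re-bind the WAP certificate.
# Assumptions: federation service name fs.domainname.com (placeholder from the page),
# certificate in LocalMachine\My with its private key.
$FederationServiceName = 'fs.domainname.com'
$wildcard = '*.' + ($FederationServiceName -split '\.', 2)[1]   # e.g. *.domainname.com

# 1. Certificates in the machine store whose SAN covers the service name.
$candidates = Get-ChildItem Cert:\LocalMachine\My | Where-Object {
    $_.HasPrivateKey -and
    ($_.DnsNameList.Unicode -contains $FederationServiceName -or
     $_.DnsNameList.Unicode -contains $wildcard)
}
if (-not $candidates) { throw "No certificate with a private key covers $FederationServiceName" }

# 2. Report expiry and pick the currently valid certificate that expires last.
$candidates | Format-Table Subject, NotAfter, Thumbprint -AutoSize
$now = Get-Date
$valid = $candidates |
    Where-Object { $_.NotBefore -le $now -and $_.NotAfter -gt $now } |
    Sort-Object NotAfter -Descending | Select-Object -First 1
if (-not $valid) { throw 'Every matching certificate is expired or not yet valid; renew it first' }

# 3. The Thumbprint property is already upper-case hex without spaces and without the
#    invisible mark that a copy out of the MMC dialog can carry; verify the shape anyway.
$thumb = $valid.Thumbprint
if ($thumb -notmatch '^[0-9A-F]{40}$') { throw "Unexpected thumbprint format: $thumb" }

# 4. Compare with what WAP has bound in HTTP.sys right now.
$bound = Get-WebApplicationProxySslCertificate
$bound | Format-Table HostName, PortNumber, CertificateHash -AutoSize
if ($bound.CertificateHash -contains $thumb) {
    Write-Host "WAP already binds $thumb; the proxy certificate is not the problem here."
    return
}

# 5. Re-establish the proxy trust with the selected certificate. The credential must be an
#    account with administrator rights on the AD FS server; prompt for it instead of
#    hard-coding it (omitting the parameter makes the cmdlet prompt as well).
$cred = Get-Credential -Message 'Account with admin rights on the AD FS server'
Install-WebApplicationProxy -CertificateThumbprint $thumb `
                            -FederationServiceName $FederationServiceName `
                            -FederationServiceTrustCredential $cred
```

If step 4 reports that the right thumbprint is already bound, the proxy certificate is not the cause and the next place to look is the AD FS servers (Get-AdfsSslCertificate there, and the AD FS Admin event log), not another Install-WebApplicationProxy run.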