ADFS 3 is used
I have a certificate issued to adfs.c.ca
I have a Windows 2012 R2 server ADFS 3 proxy c-adfs-proxy (not on the domain, in the DMZ)
I have a Windows 2012 R2 server ADFS server called adfs.p.local on the domain
The domain is p.local
External name resolution for c.ca is in place
I have a DNS entry on our domain controllers for adfs.c.ca pointing to the internal IP of c-adfs.p.local
https://adfs.c.ca/adfs/ls/idpinitiatedsignon shows the page internally and allows sign in and sign out
Proxy is in DMZ (different subnet than .local with firewall)
cc-adfs.p.local can resolve the c-adfs-proxy (an internal address)
TCP ports 443 and 49443 go to the cc-adfs
https://adfs.c.ca/adfs/ls/idpinitiatedsignon displays the picture from the Login page externally, but says "An error has occurred"
-error in ADFS log-
Exception details:
Microsoft.IdentityServer.RequestFailedException: MSIS7065: There are no registered protocol handlers on path /adfs/ls/idpiniatedlogin to process the incoming request.
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)
• Activity ID: 00000000-0000-0000-4100-0080000000e7
• Error time: Mon, 21 Nov 2016 18:14:39 GMT
• Cookie: enabled
• User agent string: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 10.0; WOW64; Trident/8.0; Touch; .NET4.0C; .NET4.0E; Tablet PC 2.0; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729
Should one of the servers be called adfs like the certificate?
How do I troubleshoot this?