locked
ADFS EnableIdpInitiatedSignonpage property is missing RRS feed

  • Question

  • Hi Guys,

    I am new to ADFS technologies, currently, I am working on SAML authentication for my application using ADFS as IDP and WebSphere Application Server as SP, I have installed Windows 2012 R2 DataCenter Evaluation version in my local VMware workstation and setup ADFS using Microsoft tech blogs. now I can't access the ADFS Single Sing On page (https://adfs.samlpoc.com/adfs/ls/idpinitiatedsignon.aspx) getting below error 

    Microsoft.IdentityServer.RequestFailedException: MSIS7065: There are no registered protocol handlers on path /adfs/ls/ to process the incoming request.
       at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)

    When I googled all blogs and forums are saying make EnableIdpInitiatedSignonpage property to TRUE but in my implementation, I can't find this property. I can't find a option to add/enable EnableIdpInitiatedSignonpage to ADFS. 

    For <g class="gr_ gr_27 gr-alert gr_gramm gr_inline_cards gr_run_anim Punctuation only-ins replaceWithoutSep" data-gr-id="27" id="27">me</g> the out coming as null  

    PS C:\Users\Administrator> Get-AdfsProperties | Select-Object EnableIdpInitiatedSignonpage

    EnableIdpInitiatedSignonpage
    ----------------------------

    PS C:\Users\Administrator>

    when I ran the set-Adfsproperties command I'm getting below error message.

    PS C:\Users\Administrator> set-AdfsProperties EnableIdPInitiatedSignonPage $true
    Set-AdfsProperties : A positional parameter cannot be found that accepts argument 'EnableIdPInitiatedSignonPage'.
    At line:1 char:1
    + set-AdfsProperties EnableIdPInitiatedSignonPage $true
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidArgument: (:) [Set-AdfsProperties], ParameterBindingException
        + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.IdentityServer.Management.Commands.SetServicePrope
       rtiesCommand

    How can I able this property add/enable, could you please help here. Thank you so much in advance.
    Tuesday, January 8, 2019 11:13 AM

All replies

  • You have a typo in your PowerShell command. You need a dash before "EnableIdpInitiatedSignonPage" so:

    Set-AdfsProperties -EnableIdPInitiatedSignonPage $true


    Tuesday, January 8, 2019 12:35 PM
  • Thank you for a quick reply. 

    I have tried both options one with dash and without dash as well. when I posted the question I copied without dash command and output of without dash one. Just now I tried with dash still getting the same error message.

    PS C:\Users\Administrator> Set-AdfsProperties -EnableIdPInitiatedSignonPage $true
    Set-AdfsProperties : A parameter cannot be found that matches parameter name 'EnableIdPInitiatedSignonPage'.
    At line:1 char:20
    + Set-AdfsProperties -EnableIdPInitiatedSignonPage $true
    +                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidArgument: (:) [Set-AdfsProperties], ParameterBindingException
        + FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.IdentityServer.Management.Commands.SetServiceProperties
       Command

    RK



    • Edited by brkrishna Tuesday, January 8, 2019 3:46 PM
    Tuesday, January 8, 2019 3:42 PM
  • Hi,

    When you type:  

     Set-AdfsProperties -EnableIdP and press tab, does it autocomplete to

    -EnableIdPInitiatedSignonPage? If it does not autocomplete, then you won't be able to use the parameter. If it does not autocomplete, then it could be due to the fact that you are using an evaluation server version. If Idpinitiatedsignon is not enabled, then when running this command in an elevated Powershell Session: Get-AdfsProperties | Select-Object EnableIdpInitiatedSignonpage

    you should have received a value of false, like this:

    but in your case there is no value. 

    I have not encountered this error before, but I have not used an evaluation version, only the Datacenter (Non-evaluation) one.

    Let me know if it autocompletes, please.

    Regards,

    Flaviu



    FlaviuP

    Tuesday, January 8, 2019 10:00 PM
  • Hello,

    What version of Windows Server are you using? If you are trying to enable the signOn page, then I am assuming you are using 2016 which by default disabled that page.

    Type:

    Get-AdfsProperties | Select-Object EnableIdpInitiatedSignonpage

    if the value returned is false, proceed to type

    Set-AdfsProperties -EnableIdpInitiatedSignonPage $true

    then run the command again to see if value is true.

    Access the page with: https://adfs.samlpoc.com/adfs/ls/idpinitiatedsignon.htm

    Hope this help. Make sure you open Powershell as administrator to perform the above.


    Isaac Oben MCITP:EA, MCSE,MCC <a href="https://www.mcpvirtualbusinesscard.com/VBCServer/4a046848-4b33-4a28-b254-e5b01e29693e/interactivecard"> View my MCP Certifications</a>

    Wednesday, January 9, 2019 4:55 AM
  • Thank you Flaviu for a quick reply.

    Set-AdfsProperties -EnableIdP and press tab - when I press tab nothing is coming, look this property not available.  Is there any option to add/enable this property using any other commands?

    I have read some blogs people said it EnableIdpInitiatedSignonpage is available in Evaluation version as well, but some reason it is not working for me. :(


    RK

    Wednesday, January 9, 2019 9:46 AM
  • Oben, 

    I am using Windows 2012 R2 DataCenter Evaluation version when I ran Set-AdfsProperties -EnableIdpInitiatedSignonPage $true command I am getting below error message. I ran PowerShell Run as administrator.

    PS C:\Users\Administrator> Set-AdfsProperties -EnableIdpInitiatedSignonPage $true
    Set-AdfsProperties : A parameter cannot be found that matches parameter name 'EnableIdpInitiatedSignonPage'.
    At line:1 char:20
    + Set-AdfsProperties -EnableIdpInitiatedSignonPage $true
    +                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidArgument: (:) [Set-AdfsProperties], ParameterBindingException
        + FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.IdentityServer.Management.Commands.SetServiceProperties
       Command

    RK

    Wednesday, January 9, 2019 9:51 AM
  • Flaviu and all, 

    I got a product key from my internal Win admin team and made my Windows as DataCenter version, but still, I am getting the same error message for EnableIdpInitiatedSignonPage. Please help me here.

    PS C:\Users\Administrator> DISM /online /Get-CurrentEdition

    Deployment Image Servicing and Management tool
    Version: 6.3.9600.17031

    Image Version: 6.3.9600.17031

    Current edition is:

    Current Edition : ServerDatacenter

    The operation completed successfully.
    PS C:\Users\Administrator>
    PS C:\Users\Administrator> Set-AdfsProperties -EnableIdpInitiatedSignonPage $true
    Set-AdfsProperties : A parameter cannot be found that matches parameter name 'EnableIdpInitiatedSignonPage'.
    At line:1 char:20
    + Set-AdfsProperties -EnableIdpInitiatedSignonPage $true
    +                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidArgument: (:) [Set-AdfsProperties], ParameterBindingException
        + FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.IdentityServer.Management.Commands.SetServiceProperties
       Command

    PS C:\Users\Administrator>

    RK

    Wednesday, January 9, 2019 11:14 AM
  • RK,

    if you are using 2012 R2, then the siginOn page should be enabled by deafult. the fact that it is not, it seems like something isn't right. can you remove the ADFS role, reboot and the install it again and see if that resolves your issue?


    Isaac Oben MCITP:EA, MCSE,MCC <a href="https://www.mcpvirtualbusinesscard.com/VBCServer/4a046848-4b33-4a28-b254-e5b01e29693e/interactivecard"> View my MCP Certifications</a>

    Wednesday, January 9, 2019 5:58 PM
  • Hi RK,

    I agree with Oben. Reinstalling the ADFS role should fix the corrupted installation. If a property is not available, it usually points to a faulty installation. 

    If reinstalling the ADFS role still does not do the trick, I am afraid you will need to reinstall Windows OS. Please use the full Datacenter version not the Evaluation one this time and let us know how it goes. I have never had any problems regarding the idpinitiatedsignon page with the Full version installed.

    Let us know how it goes.

    Regards,

    Flaviu



    FlaviuP

    Wednesday, January 9, 2019 6:30 PM