Hi all, let's say there's an ADFS 2.0 system that was set up to be used for getting Single Sign-On access to a bunch of different third-party websites that support ADFS connections. Those third-party websites could be using either WIF- or SAML-based
apps to facilitate the federation with ADFS, who knows. After a while, about 10 different relying parties were configured in that ADFS system and all is good. Out of the blue, a new project comes up where an in-house SharePoint app needs to be set up
so that a company outside of the organization can access that SharePoint app via SSO using the existing ADFS system. So now, to support that SP/SSO app, you have to add a new Claims Provider Trust to the ADFS configuration. When that happens, the
next time a user goes to access one of the 10 existing Relying Party apps, a new Sign On screen appears asking which Identity Provider they want to use. The user calls the help desk and reports the issue. So do a bunch of other users. Next thing
that happens is that the new claims provider trust is removed from the ADFS configuration. Is there any way to set up the ADFS system so that, after the second claims provider trust is added, when a user goes to access any of the 10 existing
relying party websites, the home realm defaults to the original ADFS claims provider trust, which is the company's Active Directory? I'm hoping that this can be done and I don't have to ask any of the Relying Parties' administrators to change
anything on their side.
Thanks for taking the time to read this and any feedback would be much appreciated.
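One way the home realm discovery (HRD) step can be steered per relying party in ADFS 2.0, shown as an added example that is not part of the original post: the HRD page that presents the identity provider chooser is ordinary ASP.NET code in the federation service sign-in pages, and it can be customized so that only the SharePoint app shows the chooser while every other relying party is sent straight to the company's Active Directory. The code below assumes the ADFS 2.0 sign-in pages' stock `HomeRealmDiscovery.aspx.cs` layout (the `HomeRealmDiscoveryPage` base class, the `ClaimsProviders` collection, the `PassiveIdentityProvidersDropDownList` control and the `SelectHomeRealm` method), that the Active Directory claims provider keeps its default identifier `AD AUTHORITY`, and that the SharePoint relying party's identifier is `urn:sharepoint:partnerportal` (a hypothetical value; substitute the real one).

```csharp
// Added example, not from the original post: a customized HomeRealmDiscovery.aspx.cs
// for the ADFS 2.0 federation service sign-in pages. Assumptions: the Active Directory
// claims provider identifier is "AD AUTHORITY" (the ADFS 2.0 default) and the SharePoint
// relying party identifier is "urn:sharepoint:partnerportal" (hypothetical).
using System;
using System.Collections.Generic;
using Microsoft.IdentityServer.Web.UI;

public partial class HomeRealmDiscovery : HomeRealmDiscoveryPage
{
    // Identifier of the company's own Active Directory claims provider trust.
    private const string ActiveDirectoryClaimsProvider = "AD AUTHORITY";

    // Relying parties whose users may come from the external company and therefore
    // need the identity provider chooser. Every relying party not listed here is
    // sent to Active Directory without seeing the chooser.
    private static readonly HashSet<string> ChooserRelyingParties =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        {
            "urn:sharepoint:partnerportal"   // hypothetical identifier
        };

    protected void Page_Init(object sender, EventArgs e)
    {
        // wtrealm identifies the relying party only for WS-Federation (WIF) sign-in
        // requests. SAML 2.0 requests carry the relying party inside the SAMLRequest
        // instead, so for those this value is null and the code falls through to the
        // Active Directory default, which is the behaviour wanted for the 10 existing apps.
        string relyingParty = Request.QueryString["wtrealm"];

        if (relyingParty != null && ChooserRelyingParties.Contains(relyingParty))
        {
            // Bind the chooser exactly as the stock page does.
            PassiveIdentityProvidersDropDownList.DataSource = ClaimsProviders;
            PassiveIdentityProvidersDropDownList.DataTextField = "Name";
            PassiveIdentityProvidersDropDownList.DataValueField = "Identifier";
            PassiveIdentityProvidersDropDownList.DataBind();
            return;
        }

        // All other relying parties: select the company's Active Directory and
        // continue the sign-in without rendering the chooser.
        SelectHomeRealm(ActiveDirectoryClaimsProvider);
    }

    // Stock handler for the chooser's sign-in button.
    protected void PassiveSignInButton_Click(object sender, EventArgs e)
    {
        SelectHomeRealm(PassiveIdentityProvidersDropDownList.SelectedItem.Value);
    }
}
```

Two caveats a practitioner would check before relying on this. The customized page lives on each federation server (not on the proxies' own copies, which have their own sign-in pages), so it must be deployed to every server in the farm and re-applied if the sign-in pages are ever restored from the defaults. And the HRD choice is a usability control, not an authorization control: a user who does get the chooser can still pick the partner's identity provider for any relying party that the request names, so the relying party trusts that should never accept partner identities need issuance authorization rules that deny claims originating from the partner claims provider trust, independent of what the HRD page does.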