This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Remove From My Forums

Windows server 2016 - web application proxy issue (IdpInitiatedSignon.aspx) not opening

Question
0

Sign in to vote

Hi guys.

Windows server 2016 with ADFS 4.0

I already learned (the hard way) that windows server 2016 has some "hickups":
For example: idpinitiatedsignon is disabled by default

SOURCE: (http://blog.hametbenoit.info/Lists/Posts/Post.aspx?ID=822)

Anyway, having similiar problem on Web Application proxy side, which is also configured on Win server 2016.

If we open: "https://adfsproxyFQDN/adfs/ls/IdpInitiatedSignon.aspx" we recieve an error: HTTP 404 not found. Please help!

bostjanc

Monday, November 7, 2016 2:55 PM

Answers

0

Sign in to vote
you cannot access the endpoint with the FQDN of your proxy server. The FQDN has to be the same for the proxies and on the ADFS servers. The clients will know which one to use thanks to a split brain DNS. So when client are connected internally they will resolve adfs.domain.com to the local IP address of the ADFS server (or the VIP of the internal load balancer if you are using any). And when internet clients are using a public DNS server and try to resolve adfs.domain.com they will end up on the public IP address of the proxy servers (or again the VIP of a load balancer dedicated for the proxies - aka WAP servers).
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.
- Marked as answer by B_C_R Tuesday, November 8, 2016 6:08 AM
Monday, November 7, 2016 3:51 PM

All replies

0

Sign in to vote
you cannot access the endpoint with the FQDN of your proxy server. The FQDN has to be the same for the proxies and on the ADFS servers. The clients will know which one to use thanks to a split brain DNS. So when client are connected internally they will resolve adfs.domain.com to the local IP address of the ADFS server (or the VIP of the internal load balancer if you are using any). And when internet clients are using a public DNS server and try to resolve adfs.domain.com they will end up on the public IP address of the proxy servers (or again the VIP of a load balancer dedicated for the proxies - aka WAP servers).
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.
- Marked as answer by B_C_R Tuesday, November 8, 2016 6:08 AM
Monday, November 7, 2016 3:51 PM
0

Sign in to vote

Pierre thank you very much for clarification.
After we have reconfigured as you have suggested, it went ok!
bostjanc

Tuesday, November 8, 2016 6:08 AM