How to redirect to the IdpInitiatedSignOn.aspx page in ADFS 2016

All replies

  • Was the previous version ADFS 2.0?

    Thursday, August 31, 2017 2:44 AM
  • Yes, previous version was 2.1 using IIS. We just used a redirect page to send the user on to the IdpInitiatedSignOn.aspx page.
    Thursday, August 31, 2017 4:55 AM
  • ADFS 2.1 ran on IIS so you had full control over the pages.

    ADFS 3.0 / 4.0 run on http.sys (no IIS) so there is no way to replicate this short of using some kind of proxy.

    • Marked as answer by RichAZ Thursday, August 31, 2017 10:24 PM
    Thursday, August 31, 2017 8:08 AM
  • IIS and AD FS can co-exist.

    It is possible to set up a site that listens to the URL you specified above and redirect that to the logon page. You must, however, make very sure that you don't affect the AD FS related virtual directories.

    For ref, see https://social.technet.microsoft.com/Forums/office/en-US/007e74e1-95bf-4b86-a826-5c5ef0720fb5/adfs-30-iis?forum=ADFS (courtesy of nzpcmad1 :))

    Again, be very careful on how you configure IIS.

    Otherwise, put a proxy in front and let that handle the redirect.


    Anders Janson Enfo

    Thursday, August 31, 2017 10:28 AM
  • First of all, ADFS 4 (2016) doesn't use IIS and works on the http.sys file. Also, unlike ADFS 3.0, you will have to enable the URL for IdpInitiatedSignOn.aspx, which you can do by running the command:

    Set-AdfsProperties -EnableIdpInitiatedSignonPage $true

    After that you can test and verify if it's working or not.

    About your upgrade, other things will remain the same. You will have to export the configuration from the existing ADFS server, then import it into ADFS 2016. The key part is that you will have to update the token-signing certificates on all the relying parties as per the new ADFS server, otherwise users will not be able to access the applications federated with ADFS. Please let me know in case you experience any issues.

    Thanks,

    Divyank

    Thursday, August 31, 2017 12:18 PM
  • Sorry for being unclear.

    You can install IIS on a server that also has AD FS installed and use it as appropriate with the caveats described in the link provided.

    And yes, you do need to enable the URL.


    Anders Janson Enfo

    Thursday, August 31, 2017 1:18 PM
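
The enable-and-verify step from the reply above that gives the Set-AdfsProperties command, as an added PowerShell example that is not part of the original thread. It assumes an elevated session on the AD FS 2016 server (the primary node in a WID farm), that the federation service name resolves from that server, and the standard /adfs/ls/ sign-on path, which the thread does not spell out.

```powershell
# Added example, not from the thread. Run elevated on the AD FS 2016 server.
Import-Module ADFS

# Read the current farm setting before changing anything.
$props = Get-AdfsProperties
"Before: EnableIdpInitiatedSignonPage = $($props.EnableIdpInitiatedSignonPage)"

# Enable the page only if it is currently off, then re-read to confirm.
if (-not $props.EnableIdpInitiatedSignonPage) {
    Set-AdfsProperties -EnableIdpInitiatedSignonPage $true
    $props = Get-AdfsProperties
}
"After:  EnableIdpInitiatedSignonPage = $($props.EnableIdpInitiatedSignonPage)"

# Build the sign-on URL from the federation service name (assumed path: /adfs/ls/).
$url = "https://$($props.HostName)/adfs/ls/IdpInitiatedSignOn.aspx"

# Request the page without following redirects and report what came back.
# Windows PowerShell 5.1 throws on non-success status codes, hence the try/catch.
try {
    $resp = Invoke-WebRequest -Uri $url -UseBasicParsing -MaximumRedirection 0 -ErrorAction Stop
    "{0} -> HTTP {1}" -f $url, [int]$resp.StatusCode
}
catch {
    "{0} -> request failed: {1}" -f $url, $_.Exception.Message
}
```

Any redirect page or proxy rule placed in front of AD FS should point at the URL this prints, with a fixed target rather than one taken from the request.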