locked
Branding ADFS Login Page RRS feed

  • Question

  • Hello,

    I'd searched far and wide for answers and left without one.

    Now I'm here to seek guidance from the gurus to accomplish my quest.

    Scenario (Simplified):

    Two relying parties setup on ADFS.

    Let's name one of them Microsoft and the other one Nokia.

    Let's also assume that there is only one domain on the ADFS server.

    Each party should have their unique logo and branding illustration.

    On Server 2012, is it possible to display individual logo and illustration for each relying party member?

    Thank you for your wisdom and I look forward to your guidance.

    Cheers!

    Thursday, November 10, 2016 5:34 PM

Answers

  • Hello, from this article: https://blogs.technet.microsoft.com/pie/2015/08/29/customizing-the-ad-fs-sign-in-pages-per-relying-party-trust/

    "The way the Windows Server 2012 R2 ADFS customization works currently does not enable you to modify the graphical end user experience based on the relying party trust (RP) the user is trying to access. So the look and feel of the sign-in page is the same for every user whether they are trying to access to the relying party trust A, the relying party trust B, their Office 365 environment or simply the IDP initiated sign-in page."

    Windows Server 2016 allows this out of the box.


    Thanks, Tim. | Please remember to mark the replies as answers if they help. |

    Thursday, November 10, 2016 8:07 PM
  • Note that this JavaScript workaround on Windows Server 2012 R2 works for WS-Fed based RP trusts. It doesn't for SAML based RP trusts.

    And regarding 2016 (for which it works regardless of the protocol), this is described here: https://technet.microsoft.com/windows-server-docs/identity/ad-fs/operations/ad-fs-customization-in-windows-server-2016


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Friday, November 11, 2016 4:16 AM

All replies

  • Hello, from this article: https://blogs.technet.microsoft.com/pie/2015/08/29/customizing-the-ad-fs-sign-in-pages-per-relying-party-trust/

    "The way the Windows Server 2012 R2 ADFS customization works currently does not enable you to modify the graphical end user experience based on the relying party trust (RP) the user is trying to access. So the look and feel of the sign-in page is the same for every user whether they are trying to access to the relying party trust A, the relying party trust B, their Office 365 environment or simply the IDP initiated sign-in page."

    Windows Server 2016 allows this out of the box.


    Thanks, Tim. | Please remember to mark the replies as answers if they help. |

    Thursday, November 10, 2016 8:07 PM
  • Note that this JavaScript workaround on Windows Server 2012 R2 works for WS-Fed based RP trusts. It doesn't for SAML based RP trusts.

    And regarding 2016 (for which it works regardless of the protocol), this is described here: https://technet.microsoft.com/windows-server-docs/identity/ad-fs/operations/ad-fs-customization-in-windows-server-2016


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Friday, November 11, 2016 4:16 AM