Authentication from a local LDAP store

  • Question

  • Hi,

    We have ADFS 4.0 deployed within an AD 2012 forest and we have to add a second forest (without trust) to provide authentication for another category of users.

    It's not possible to configure trust between forests.

    We configured the second AD forest 2016 as a Local LDAP store, with a specific suffix, but we weren't able to authenticate users from this forest based on the following article:

    https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configure-ad-fs-to-authenticate-users-stored-in-ldap-directories

    But we receive an error when we use an account with a UPN suffix from this domain.

    Are there other settings to force authentication form this second store?

    Thanks


    Lourh

    Monday, January 29, 2018 3:23 PM

All replies

  • What do you mean by forcing authentication form for the second store? LDAP based claim provider trusts only do form based authentication.

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Monday, February 5, 2018 2:07 PM
  • Thank you Pierre

    Yes, we have an authentication page hosted on a Web app; this app uses ADAL to authenticate with ADFS.

    I'm not sure if we can use the same mechanism to authenticate users on ADAL from the same page.

    Thanks


    Lourh

    Monday, February 5, 2018 2:21 PM