Every time users change their Windows password, they keep getting locked out, and the cause is ADFS. Looking at ADFS doesn't tell me a whole lot, including the tracing debug for ADFS:
MSISWindowsUserNameSecurityTokenHandler.ValidateToken: Incoming security token failed validation .
ID4063: LogonUser failed for the 'user' user. Ensure that the user has a valid Windows account.-Logon failure: unknown user name or bad password
Check the user's machine:
- Sign out of Office
- Sign out of OneDrive
- Clear everything in Credential Manager
- Reboot
User still getting locked out.
Any other way to figure out why ADFS is rejecting authentication?