Problem with people picker of hosted name site collection with ADFS


  • Hello Everyone,

    I am having a problem when setting up ADFS in a web application which has hosted name site collections. Although I put ADFS authentication in a different zone, in my hosted name site collections I can still search users from 2 providers, Active Directory and ADFS. Please refer to the detailed info below:

    My situation is:

    - A web application which has 2 hosted name site collections. It is using NTLM authentication in the Default Zone.

    - Extended the web application to the Internet Zone. While extending the web application, the SecurityTokenServiceApplication got problems.

    - Restarted the application pool of the SecurityTokenServiceApplication, and continued to configure ADFS in SharePoint. The ADFS works perfectly.

    Then my problem is:

    - I have got a problem with the people picker of the hosted name site collections. When I enter a name in the people picker, it shows results from both providers, AD and ADFS.

    - In production, it only happened on 1 web front end; the other one is still ok. In the staging environment, the issue did not happen.

    - Trying to reproduce by stopping the SecurityTokenServiceApplication during the extend-web-application step, I got the same problem in my testing environment.

    - Realized that the path-based site collections do not face this problem. Every hosted name site collection has the issue.

    - I even tried to delete the web application and recreate it, but the problem still exists.

    From my understanding, if I set it up that way, only site collections in the Internet zone can retrieve users from ADFS. The problem is really weird. If anyone has experienced the same problem, please kindly advise.

    Thanks a lot. 

    • Edited by Neves Pham Monday, October 24, 2016 11:36 PM
    Sunday, October 16, 2016 7:02 AM
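A diagnostic that narrows this kind of problem down, added here as an example and not part of the original thread: it lists the claims authentication providers enabled on each zone of the web application, then the zone each host-named site collection actually resolves to and any extra zone URLs registered for it. It assumes the SharePoint Management Shell on a farm server; the web application URL is a placeholder.

```powershell
# Added diagnostic, not from the original post. Run in the SharePoint Management
# Shell as a farm administrator. $webAppUrl is a placeholder; replace it with yours.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$webAppUrl = "http://intranet.contoso.local"   # placeholder, replace with your web app
$wa = Get-SPWebApplication $webAppUrl

# 1. Providers per zone. The people picker offers the providers enabled on the zone
#    the request arrives in, so a site served from the Default zone should list
#    only the Windows (NTLM) provider, not the ADFS trusted identity provider.
foreach ($zone in [Enum]::GetValues([Microsoft.SharePoint.Administration.SPUrlZone])) {
    if ($wa.IisSettings.ContainsKey($zone)) {
        $providers = $wa.IisSettings[$zone].ClaimsAuthenticationProviders |
            ForEach-Object { $_.DisplayName }
        "{0,-9} providers: {1}" -f $zone, ($providers -join ", ")
    }
}

# 2. Zone mapping of each host-named site collection. A host-named site collection
#    lives in the zone of its host header; extra zone URLs (added with Set-SPSiteUrl)
#    are what make it reachable, and pick a provider set, in another zone.
Get-SPSite -WebApplication $wa -Limit All |
    Where-Object { $_.HostHeaderIsSiteName } |
    ForEach-Object {
        $site = $_
        $urls = Get-SPSiteUrl -Identity $site |
            ForEach-Object { "{0}={1}" -f $_.Zone, $_.Url }
        "{0} zone={1} urls: {2}" -f $site.Url, $site.Zone, ($urls -join "; ")
    }
```

If a Default-zone host-named site lists the ADFS provider in step 1, or a site maps to an unexpected zone in step 2, compare the output between the two web front ends, since the post reports the behaviour differing per server.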