ADFS 3.0 NameID - External - Internal ADFS -> RP

  • Question

  • Hello,

    I currently have a problem with the authentication of external users. There is no problem with the internal users.

    Internal AD configured as Claim Provider on my Internal ADFS Server.

    External AD configured as Claim Provider on my external ADFS Server.

    I can authenticate all users except for an app.

    My configuration is:

    - Internal as RP on my External ADFS server

    Send LDAP Attributes as Claims

    Email Addresses => Email Address

    Given-name => Given-name

    Surname => Surname

    Token Groups - Unqualified Groups => Role

    SAMAccountname => Windows Account Name


    - External as Claim Provider on my Internal ADFS Server

    PassThrough EMail Address

    PassThrough Given Name

    PassThrough Surname

    PassThrough Role

    Transform Email to NameID (format email)


    - Application as RP on my Internal ADFS Server

    Claim rule name : « AD SAMAcountName to NameID »

     « Active Directory »

    LDAP Attribute : « SAM-AccountName »

    Outgoing Claim Type : « Name ID »

    The users from the Internal AD can authenticate, but the external users from the external AD cannot. Can you help me?

    Moreover, I have an issue in the external ADFS logs:

    MSIS7042: The same client browser session has made '6' requests in the last '10' seconds. Contact your administrator for details.

    Thank you,


    Monday, April 4, 2016 6:39 AM