locked
ADFS Login Page RRS feed

  • Question

  • Good Morning ADFS Pros,

    I'm a total noob in ADFS, I'm a SharePoint Administrator. My question is:

    1. Is it possible to have separate custom ADFS login pages for different sites?

    2. If yes, how can I create one? (I'll be more than happy to do the reading if you have a link to some good article)

    I have a a number of sites on my SharePoint 2013 farm that use forms authentication, however I'm moving them to ADFS authentication and I need to provide my users with a page where they can either login via ADFS auth. or be able to request an account. 

    Let me know if this is possible and if you have any pointers for good resources/course materials to get familiar with ADFS authentication I would appreciate it.

    Thank you!
    OT


    OT


    • Edited by Oliver_Tech Friday, January 4, 2019 11:05 PM
    Friday, January 4, 2019 7:39 PM

Answers

  • Yes - you can customize the login page for each different relying party in ADFS in 2016. Since to the best of my recollection in SharePoint each FQDN needs to be set up as a distinct relying party, you can have a different ADFS login theme for https://sitea.example.com and https://siteb.example.com but https://sitea.example.com/hr and https://sitea.example.com/finance are going to share the same login customization.

    General info on customizing ADFS here: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/ad-fs-user-sign-in-customization

    Notes on customization per RP: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/ad-fs-customization-in-windows-server

    • Marked as answer by Oliver_Tech Friday, January 4, 2019 11:04 PM
    Friday, January 4, 2019 8:01 PM

All replies

  • Yes - you can customize the login page for each different relying party in ADFS in 2016. Since to the best of my recollection in SharePoint each FQDN needs to be set up as a distinct relying party, you can have a different ADFS login theme for https://sitea.example.com and https://siteb.example.com but https://sitea.example.com/hr and https://sitea.example.com/finance are going to share the same login customization.

    General info on customizing ADFS here: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/ad-fs-user-sign-in-customization

    Notes on customization per RP: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/ad-fs-customization-in-windows-server

    • Marked as answer by Oliver_Tech Friday, January 4, 2019 11:04 PM
    Friday, January 4, 2019 8:01 PM
  • Thank you BTW97! Just what I was looking for!

    OT


    OT

    Friday, January 4, 2019 11:04 PM
  • Good Afternoon,

    Quick question, do you know if the "Set-ADFSRelyingPartyWebTheme" cmdlet is deprecated? I'm getting the error below when I try to run the last step to setting the Relying Party Web Theme.

    PS C:\Windows\system32> Set-AdfsRelyingPartyWebTheme -TargetRelyingPartyName "urn:my" -SourceWebThemeName "MyTheme"
    Set-AdfsRelyingPartyWebTheme : The term 'Set-AdfsRelyingPartyWebTheme' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the 
    spelling of the name, or if a path was included, verify that the path is correct and try again.
    At line:1 char:1
    + Set-AdfsRelyingPartyWebTheme -TargetRelyingPartyName "urn:myurn ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : ObjectNotFound: (Set-AdfsRelyingPartyWebTheme:String) [], CommandNotFoundException
        + FullyQualifiedErrorId : CommandNotFoundException

    Thank you!
    OT


    OT


    • Edited by Oliver_Tech Monday, January 7, 2019 6:31 PM
    Monday, January 7, 2019 6:30 PM
  • I know why! I'm on ADFS 2012 R2 :(. And changes that are made affect all relying parties because they are made at the federation service level.

    Thank you for all your help with this!

    OT


    • Edited by Oliver_Tech Monday, January 7, 2019 7:30 PM
    Monday, January 7, 2019 7:29 PM