locked
The user name or password is incorrect ADFS 2016 RRS feed

  • Question

  • We have recently migrated to ADFS 2016 and authentication is working fine however we are seeing events in ADFS Admin events mentioning that:

    EventID: 364 Encountered error during federation passive request. 
    Additional Data 
    Protocol Name: 
    Saml 

    Relying Party: 
    https://abc.test.com

    Exception details: 
    Microsoft.IdentityServer.AuthenticationFailedException: "Userlogon address"-The user name or password is incorrect ---> System.IdentityModel.Tokens.SecurityTokenValidationException: "Userlogon address"- ---> System.ComponentModel.Win32Exception: The user name or password is incorrect

    I can confirm that user is able to authenticate with Windows credentials on web (Intranet and Extranet) and applications and this alert is generating when user is trying to configure email on Outlook app on iOS. In the outlook app it goes to ADFS login page and never accepts the credentials also doesn't show any error on the mobile device.

    With this another event is generating 

    Exception details: 
    Microsoft.IdentityServer.RequestFailedException: MSIS7065: There are no registered protocol handlers on path /adfs/ls/ to process the incoming request.
       at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)

    Can someone please help me with this


    pantsumit

    Tuesday, June 11, 2019 6:41 AM

All replies

  • Wednesday, June 12, 2019 7:31 AM
  • Hi Jesper,

    Thanks for your reply.

    We have a federation setup with ADFS and authentication is working fine for all o365 services. The above mentioned event I first saw when my user was trying to enter new password on his mobile device in the outlook app and it works when he try to enter password in OWA from browser. What else can be a possibility for this error event to occur and is there anything else I can check in the ADFS setup


    pantsumit

    Wednesday, June 12, 2019 7:51 AM
  • Another option:

    is the Outlook App pushed out by Intunes or similar Mobile Device Management?

    Wednesday, June 12, 2019 8:46 AM
  • Hi Jesper,

    User who mentioned this issue doesn't have Intune provisioned device and he was using it by just adding the profile in the outlook app.


    pantsumit

    Wednesday, June 12, 2019 10:37 AM
  • Can there be other reasons for this error? I mean this is one user who reported and I found that outlook app is not picking the password. There are multiple alerts generated for other users as well but I am not sure if they are using the same outlook app and facing same issues. So was thinking if there can be other scenarios which can generate this alerts.

    pantsumit

    Wednesday, June 12, 2019 10:39 AM
  • Hiya,

    I had a similar issue on an IOS device, where it was pushed by an MDM solution, but the mail account was all ready added using the default mail app on IOS.

    So user removed the account from the settings and re-added it in Outlook only, then it worked.

    It was actually giving us a Access Denied error, so it smells a bit of this :)

    In other words, you can only add the account once on IOS, as it is stored centrally...

    Wednesday, June 12, 2019 11:43 AM
  • In my case user was using Android device and don't have intune managed device. 

    However same alerts I am receiving for other users as well and not sure if they have the same case as my user reported. What I can do to check if this failure event is generated due to activity on Mobile device.

    And any other reason you can think of or aware for this? 


    pantsumit

    Wednesday, June 12, 2019 12:38 PM
  • Is the email address matching the UPN of the user?


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.


    Wednesday, June 12, 2019 2:16 PM
  • Hi Pierre,

    All the users have same UPN as email address.


    pantsumit

    Thursday, June 13, 2019 5:36 AM
  • If it's working through OWA, it sounds like a device issue and not a configuration issue. I mean, it might be a configuration issue on the device :)

    I presume it's only one user that has this issue or all users trying to authenticate using Outlook App?

    Wednesday, June 19, 2019 6:29 AM