none
Change ADFS server account RRS feed

  • Question

  • Is it possible to change the account that is used in running the ADFS setup. I used an enterprise admin to do the setup for our ADFS server and now every time a user hits the cert for that server it is flagging that account.
    Tuesday, June 25, 2019 7:44 PM

All replies

  • Yes you can change the account: https://gallery.technet.microsoft.com/scriptcenter/Active-Directory-ddb67df0

    But the I am not sure to understand what you mean by te certificate gets flagged and how is this related to the fact you used an enterprise admin account.


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, June 25, 2019 9:16 PM
    Owner
  • Sorry, I will try and explain a little better. I used an enterprise admin to install the ADFS role on the server and we are using the ADFS certificate for Single Sign-on. The ADFS service is using a local account which is what we want so I don't want to change that. What is happening is that one of our monitoring tools is showing that admin account as being used every time some using Single Sign-on and it routes through the ADFS server.
    Tuesday, June 25, 2019 9:47 PM
  • "we are using the ADFS certificate for Single Sign-on" 

    What does this mean? That's what I don't get. Although we can use Certificate Based authentication for users, we don't really have a SSO certificate.

    "The ADFS service is using a local account which is what we want so I don't want to change that."

    What version of ADFS are you using?

    Then, "that admin account as being used every time some using Single Sign-on" you mean successful authentication? If you look at the security event log of your ADFS server you should see an event 4624 (success logon) for that user and it will tell you the IP address where it is coming from. 


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Thursday, June 27, 2019 1:00 PM
    Owner