An error has occurred when trying to access IdpInitiatedSignOn.aspx to test SAML authentication on AD FS 4.0 (Windows Server 2016)

,

A working example of IdpInitiatedSignOn.aspx

So usually one of the first things I do after initially setting up an AD FS environment (among others) is to test the Metadata (navigate to https://your.adfs.server/ federationmetadata/2007-06/federationmetadata.xml which should return valid XML) and sign-in functionality using the IdpInitiatedSignOn.aspx method. For Server 2012/2012 R2 this page enabled by default but if we navigate to this page on Server 2016 we get the following error;

An error occurred

The resource you are trying to access is not available. 
Contact your administrator for more information.

The reason being is that this is disabled on Server 2016 and there is an extra step that needs to take place to enable it.

We can check to see the current status by issuuing the following command in a PowerShell window.

Get-AdfsProperties | fl

Scrolling down you’ll eventually see enableIdPInitiaedSignonPage which should currently be set to false, to change this issue the following command

Set-Adfsproperties -enableIdPInitiatedSignonPage $true

This enables the IdPSignonPage and allows us to test a login process for a SAML authentication supported application. Once this works I know I can safely begin to provision my applications to authenticate users against this AD FS server.


Leave a Reply

More Posts

Power BI Gateway SSL Issues with managed AWS RDS SQL Server instances

I had a customer call up and explain their Power BI reports had stopped working, they’re not managed so after working a few things out we got to work and jumped into their Datawarehouse environment in AWS. After a quick look we could see that their RDS SQL Server instance had TLS turned on and […]

Adopt Unifi Access Point over Internet or VPN using SSH

If you’ve shipped some Ubiquiti Unifi Wireless access points to a remote site before adopting them or happen to have your controller on another network, you can log into them via SSH and point them to your Unifi controller. It performs discovery via basic L2 broadcast and DNS resolution of hostname unifi, if either of […]

The Network Policy Server Service (NPS or IAS) Fails to Start on Windows SBS Server 2008 with an unspecified error (0x80004005)

So I was recently helping out a client clean up their Small Business Server environment, one thing they weren’t using was SharePoint, so we decided to remove it from their SBS 2008 server. The removal went smoothly, simply uninstalling SharePoint Services via Add/Remove control panel did the trick. But after a restart we found that […]