zoukankan      html  css  js  c++  java
  • ADFS验证报错---How to Enable IdpInitiatedSignon Page In AD FS 2016

    One of the deployment validation and testing tools which was also present in earlier AD FS releases is the /IdpInitiatedSignon.htm page.  This page is available by default in the AD FS 2012 R2 and earlier versions.  Though it should be noted this page is disabled by default in AD FS 2016.

    From the system you wish to test from, navigate to the AD FS namespace's idpinitiatedsignonpage.  This will be in the format of:

    https://<AD FS name>.tailspintoys.ca/adfs/ls/idpinitiatedsignon.htm

    In this case the AD FS namespace is adfs.tailspintoys.ca so the test URL is:

    https://adfs.tailspintoys.ca/adfs/ls/idpinitiatedsignon.htm

    Alternatively a lot of deployments use the Secure Token Service (STS) as the namespace.  An example would be:

    https://sts.tailspintoys.ca/adfs/ls/idpinitiatedsignon.htm

    IdpInitiatedSignon Page On Windows 2012 R2

    The IdpInitiatedSignonPage is enabled by default on Windows 2012 R2 AD FS.  The Tailspintoys example is shown below.

    Testing IdpInitiatedSignon Page On Windows 2016

    The IdpInitiatedSignon page is disabled by default on AD FS 2016.  If you attempt to navigate to the URL, the below error will be displayed:

    The displayed error was:

    An error occurred

    The resource you are trying to access is not available. Contact your administrator for more information.

    Enabling IdpInitiatedSignon Page On Windows 2016

    The idpInitiatedSignon page is controlled via the EnableIdpInitiatedSignonPage property on the AD FS farm.

    In the below example we will check the current status of the EnableIdpInitiatedSignonPage property, noting that it is set to $False.

    Get-AdfsProperties | Select-Object EnableIdpInitiatedSignonpage

    To enable the EnableIdpInitiatedSignonPage, it is simply a matter of setting EnableIdpInitiatedSignonPage to $True

    Set-AdfsProperties –EnableIdpInitiatedSignonPage $True

    Verifying IdpInitiatedSignon Page Functions On Windows 2016

    Now that we have set EnableIdpInitiatedSignonPage to $True, we can verify that the page works.

    Note that in the below example, the AD FS namespace has been added to he local intranet zone in IE so that we can benefit from a slipstreamed logon experience.

    Since the the AD FS namespace is present within the local intranet IE security zone, by default this will provide the credentials to the AD FS endpoint.

     

    As you can see in the highlighted red box – we are now signed in.

     
  • 相关阅读:
    从0开始用Hexo框架搭建个人博客(无坑版)
    Appium常用操作之「Toast提示信息获取」
    Appium常用操作之「微信滑屏、触屏操作」
    Appium常用操作之「元素定位、swipe 滑屏操作」
    Python+Appium运行简单的demo,你需要理解Appium运行原理!
    磁盘管理综合测试题
    自总结笔记01(第一章---第七章)
    linux里配置静态ip
    chapter06
    chapter05
  • 原文地址:https://www.cnblogs.com/junjiany/p/10368582.html
Copyright © 2011-2022 走看看