ADFS 4.0 and Office 365 - Internal CA
Studying to prepare for exam 70-346 Managing O365 identities... and reading https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-certificates-ad-fs-wap it seems to be possible to use a Service Communication Certificate issued by an internal Root CA. Correct?
I'm asking as I set up a test environment with an internal CA, trusted by the connecting client, but the user is not authenticated, without any error in the ADFS server or WAP server event viewer. If I mistype the password, I get the error both on the authentication page and in the event viewer.
Thank you for your support,
Enrico
3 Replies
It's possible, yes, and should be working. Any particular error you are receiving on the client side? "Success" events are not audited by default, so you might simply be missing those in the event logs - make sure to enable logging for them as detailed for example here: http://jorgequestforknowledge.wordpress.com/2013/07/08/enabling-auditing-of-issued-claims-in-adfs-v2-x-and-adfs-v3-x/
- Enrico Giacomin (Copper Contributor)
Hello Vasil.
Probably in my test I'm trying to do something that's not correct, so I take the opportunity to ask you before doing useless troubleshooting.
The Office 365 account was created "in cloud", and I would like to authenticate it using ADFS without setting up an Azure AD Connect to sync the two entities. (I cannot do it because there is another O365 tenant synced with the on-premises AD.)
Is this scenario possible?
Thank you for your kind response. Kind regards,
Enrico
- Nope, AD FS only works for on-premises accounts (synced to Office 365 or manually "matched").