Azure federated users unable to login to Windows 10

We have setup our on-premise AD with ADFS to enable login for Active Directory users to Azure AD. This configuration is done like this articel http://www.ruudborst.nl/multi-tenant-azure-federation-wi...

Azure Active Directory (AAD)

Identity Management

Bjorn Mereboer

Copper Contributor

Jul 13, 2017

Jairo Cadena,

Both the endpoints are enabled. even on the adfs proxies.

I've did some network sniffing during Azure AD Join, and this is what's happening.

1 - http://login.microsoftonline.com:443
2 - https://login.microsoftonline.com/webapp/UnifiedEnrollment/3
3 - http://secure.aadcdn.microsoftonline-p.com:443
4 - https://login.microsoftonline.com/WebApp/CloudDomainJoin/8
5 - https://login.microsoftonline.com/common/.well-known/openid-configuration
6 - https://login.microsoftonline.com/common/oauth2/authorize?client_id=1b89ed98-a469-4536-ade2-f981bc1d605e&instance_aware=true&msafed=0&nonce=e3e9a3fb-f9ee-426c-b1ce-b6902302d21e&prompt=login&redirect_uri=ms-aadj-redir%3A%2F%2Fauth%2Fdrs&resource=01cb2876-7ebd-4aa4-9cc9-d28bd4d359a9&response_type=code%20id_token&scope=openid%20sid&windows_api_version=2.1
7 - http://secure.aadcdn.microsoftonline-p.com:443
8 - https://login.microsoftonline.com/common/GetCredentialType

After these step the following error is displayed.

Anonymous

Jul 20, 2017

have you enable in your ADFS on-prem a service endpoint ?

adfs/services/trust/13/windowstransport

your computer windows 10 is integrated as Azure AD join or in your domain on-prem ?

Do you use a proxy in your enterprise for going out to microsoft ?

Forum Discussion

Azure federated users unable to login to Windows 10

Resources