SOLVED

ADFS 4.0 and Office 365 - Internal CA


Studying to prepare for exams 70-346 Managing O365 identities... and reading https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-certificates-ad... it seems to be possible to use a Service Communication Certificate issued by an internal Root CA. Correct?

I'm asking as I set up a test environment with an internal CA, trusted by the connecting client, but the user is not authenticated, without any error on the ADFS Server or WAP server event viewer. If I mistype the password, I get the error both on the authentication page and in the event viewer.

Thank you for your support,

Enrico

3 Replies

It's possible, yes, and should be working. Any particular error you are receiving on the client side? "Success" events are not audited by default, so you might simply be missing those in the event logs - make sure to enable logging for them as detailed for example here: http://jorgequestforknowledge.wordpress.com/2013/07/08/enabling-auditing-of-issued-claims-in-adfs-v2...

Hello Vasil.
Probably in my test I'm trying to do something that's not correct, so I take the opportunity to ask you before doing unnecessary troubleshooting.
The Office 365 account is created "in cloud", and I would like to authenticate it using ADFS without setting up an Azure AD Connect to sync the two entities. (I cannot do it because there is another O365 tenant synced with the on-premises AD.)
Is this scenario possible?

Thank you for your kind response. Kind regards,

Enrico
best response confirmed by Enrico Giacomin (Copper Contributor)
Solution

Nope, AD FS only works for on-premises accounts (synced to Office 365 or manually "matched").
