adfs and wia fallback

Copper Contributor



current setup. 

1. login to 3rd party web app using ADFS

2. WIA works from domain joined clients on LAN

3. all external clients login using forms based og login page on ADFS

4. internal non-domain joined clients and iPads/Macs won't fallback to username/password on internal LAN, and will somehow go directly to 3rd parties web app showing Accecss Denied

5. 3rd party web app is configured to use WIA when auth request comes from our LAN public IPs, and password protect when it comes from any other public IPs



1. having non-domain joined clients, and non windows systems fallback to username/password auth when on LAN


Troubleshooting steps taken

1. get-AdfsGlobalAuthenticationPolicy

PrimaryIntranetAuthenticationProvider - (FormsAuthentication, WindowsAuthentication)

WindowsIntegratedFallbackEnabled - True

2. added Chrome iOS agent to supported agents (Mozilla/5.0 (Macintosh; Intel Mac OSX)


Will this have to be tweaked at 3rd party web app aswell? 
We have other 3rd party systems configured and they work with WIA fallback

1 Reply


Hello! You've posted your question in the Community Discussion space, which is intended for discussion around the Tech Community website itself, not product questions. I'm moving your question to the Windows Server space- please post Windows Server questions here in the future.