ADFS Integrated Windows Authentication

70 views Asked by At

I am configuring Integrated Windows Authentication on ADFS.

I have referred this document to configure this.

Also I have added SPN values by following commands to create two SPNs, a fully-qualified name and a server name:

setspn -s HTTP/<dns_name> <account_name>
setspn -s HTTP/<adfs_server_name> <account_name>

These SPNs are configured in the ADFS Service account.

Currently windows authentication is working with Firefox browser, but not working on Chrome.

After successful authentication on Windows machine, When user hits the ADFS url, it asks for authentication. I have configured another IDP also. So, when we select the IDP as Active Directory, it shows the pop up Form to enter the username and password. But without putting the credentials, if we click on sign in, it directly gets authenticated to adfs. But this flow is working in Firefox only. When we use chrome, it shows the adfs error:

enter image description here

I have also used this command for browser agents:

Set-ADFSProperties -WIASupportedUserAgents @("MSIE 6.0", "MSIE 7.0", "MSIE 8.0", "MSIE 9.0", "MSIE 10.0", "MSIE 11.0", "Trident/7.0", "MSIPC", "Windows Rights Management Client", "Mozilla/5.0") 

Also on the ADFS server, we have configured Windows Authentication as authentication method for intranet and there is no authentication method configured for extranet.

enter image description here

How to bypass this form authentication for browsers (especially chrome) and use the Windows authentication for ADFS directly?

0

There are 0 answers