Office 365 – Secure Score is now in preview

Security is a key point when moving / using a cloud service. Microsoft has made (and still making) lot of investment to ensure data and account security and help customers to get the most of it. A new step has just been done with the release in preview of Secure Score; a toolset integrated with Office 365 which is giving you an overview of your security level (like the credit…

Read More

ADFS 4 – Enable device authentication method

With ADFS 4, you can easily enable device authentication as authentication method. This authentication method was already available in ADFS 3 but only as additional authentication method; with ADFS 4 this becomes also available as primary authentication method.   Upgrade Active Directory Federation schema This step is required if already have deployed a previous version of ADFS within your Active Directory and/or if your are not yet running Active Directory…

Read More

ADFS 4 – Enable Azure MFA as authentication method and/or multi factor authentication for ADFS

One of the improvements with ADFS 4 (on Windows Server 2016) is the integration of Azure MFA as multi factor authentication method as well as primary authentication method; you can still use the certificate based or the Azure MFA Server (see http://blog.hametbenoit.info/Lists/Posts/Post.aspx?ID=618) for the multi factor methods. If you want to enable Azure MFA with ADFS 4, you need to follow these steps: generate a certificate for your Azure MFA…

Read More

Windows Server 2016 – ADFS 4 idpinitiatedsignon is disabled by default

As you may know, a quick way to test your ADFS deployment is to access the idpinitiatedsignon sign page. As usual, I tried it after deploying my new ADFS 4.0 server and… got this error message The resource you are trying to access is not available. Contact your administrator for more information.   And the following event is logged Log Name:      AD FS/Admin Source:        AD FS Date:          2/10/2016 7:22:24 AM…

Read More

Windows Server 2016 – ADFS 4.0 now support certificate authentication on port 443

You may already know that ADFS 3.0 (on Windows Server 2012 R2) already supports certificate authentication BUT using a different communication port than 443 (in fact 49443). With ADFS 4.0 (on Windows Server 2016), the certificate authentication can now use the 443 communication port, making thing easier to implement multi factor authentication using user certificate. To be take advantage of this new capability, you need to update your ADFS certificate…

Read More