SAML Auto Login with ADFS (in Intranet)
Step 1: In the AD FS server, under Authentication Methods, make sure that Windows Authentication is selected.
Step 2: Run the below powershell query to check if "Chrome" is present in the supported WIA agents:
Get-AdfsProperties | Select -ExpandProperty WIASupportedUserAgents
If Chrome is not present, then the following query can be run to add chrome to the supported user agents.
Set-AdfsProperties -WIASupportedUserAgents ((Get-ADFSProperties | Select -ExpandProperty WIASupportedUserAgents) + "Chrome")
In the client machine (user machine), open Internet Options and add your ADFS URL in Local intranet Sites (or under Trusted Sites if your url is in https)
Click on Custom Level... and under User Authentication -> Logon -> choose Automatic Logon with current username and password
Once these settings are saved, your ADFS will directly use your machine credentials when you are in your intranet and when you're connected to the internet, the following popup will be shown, which still can be used to log in to ADFS.
New to ADSelfService Plus?
How to get SAML tracer output for a SAML based login-attempt?
You can use your favourite SAML tracer browser plugin. Here we used SAML-tracer in a chromium-based browser. To provide us with SAML tracer output of SAML login attempt, please follow the steps below. 1. Go to SDP's login screen and click on SAML ...
Auto select the domain name in the login page
Domains of a user can be auto filled during login. This can be achieved by searching for the domain names associated with the provided username in the login page. Say, username 'vembu' exists in only one domain 'Zoho'. So, when we enter the username ...
How to configure SAML with Azure AD
This guide will help us configure SAML for users who want to use Azure AD as their IdP and also give you insights on a few issues that you might run into while configuring SAML in an Azure Environment. In an ideal environment, customers will have an ...
How to Configure SAML for Hybrid Azure AD in SDP
This article provides a workaround for older SDP builds (below 11200) alone that did not support EmailAddress as the NameID format. Moreover, this workaround is applicable only for environments that sync their On-Premise AD users to their Azure using ...
This report is used to find the Technician and Requester Login frequency. SELECT AaaUser.FIRST_NAME "Technician", MAX(AaaLogin.NAME) "LoginName", MAX(AaaContactInfo.EMAILID) "Email", MAX(AaaAccSession.USER_HOST) "IP Address", ...