Authentication types ADFS Windows 2012 R2

Question

User-465255211 posted

Hi,

when I access (https://companycom.br/adfs/ls/idpinitiatedsignon) on my internal network it shows the FBA for authentication and SSO works perfectly.

When I do an external access the FBA screen appears, but when I click on connect it shows a window to insert the user and password in a box.

In the global settings, ADFS is enabled on the extranet to use the FBA. While on the Intranet it is configured to use FBA and Windows Integration.

I noticed that when the FBA is not checked, the ADFS screen does not appear and shows the popup for authentication immediately.

This test works on any browser, since I already included Chrome and Mozilla in ADFS to work with all browsers.

Is this normal behavior?

I want the FBA to appear and the fields for filling in the user and password. And not the popup.

Thanks.

Answer 1

User753101303 posted

Hi,

It seems to work how you want here ie Windows authentication on the internal network and showing the ADFS form rather the browser dialog outside of our network.

Now Im' not on the admin side and have no idea about how ADFS is configured. For now it seems a problem in how ADFS finds from where comes the source request. A forum focused on Windowxs administration if not ADFS would be likely better.

Edit: see ,perhaps https://social.technet.microsoft.com/Forums/en-US/83dd7cb3-de18-4c87-9a99-256aa6a08ae4/adfs-access-from-the-internet and related links. My understanding is that it could be based on having a distinct IP destination address for the ADFS server depending if the name resolution is done by an internal or external machine ????