Azure AD Connect - no such host is known when configuring proxy

  • Question

  • Hi,

    We have an internal Exchange environment which we want to federate with O365. Initially we do not want mail flow to go to O365 - at this moment, I simply want to configure federation and will set up the MX and SPF records for Office 365 at a later date.

    Our environment is as follows:

    ADFS (internal server)

    WAP (DMZ)

    O365 subscription 

    Port 443 is allowed from ADFS to Office 365 and the WAP. The WAP is allowed to communicate with the internal ADFS server using 443. I've installed AD Connect and entered my enterprise admin and O365 credentials, then chosen the option to configure ADFS using AD Connect. I hit an error with the "ADFS Farm\Proxy Servers" as I receive an error stating that "No such host is known". I have a few questions:

    1. How can I get AD Connect to configure ADFS O365 federation? Presumably I need to open management ports up between the WAP and AD Connect server?
    2. Given that I don't want to configure mail flow for O365, are there any adverse results from selecting the hybrid configuration in AD Connect (I'm aware that certain Exchange attributes are written back on premise and that's fine)?

    Thanks

      


    IT Support/Everything

    Monday, April 11, 2016 3:44 PM

Answers

  • As long as WAP has already been installed and the ADFS service has been specified during the WAP setup, then you don't need to use the AD Connect wizard. I simply skipped the WAP section and SSO worked fine :-)

    IT Support/Everything

    • Marked as answer by Aetius2012 Tuesday, April 12, 2016 8:03 PM
    Tuesday, April 12, 2016 8:03 PM

All replies

  • Check if PowerShell remoting is enabled on the WAP machine. You can check the trace log under %localappdata%\AADConnect for detailed error.
    Monday, April 11, 2016 7:07 PM
  • Hi Vasi,

    PS remoting is enabled, but that didn't help. I can telnet from AD Connect to WAP over 5985, but not 5986.

    I don't have an SSL certificate matching the server name installed on my WAP server, so maybe that's why I can't connect.

    I've run through the installation wizard and skipped the WAP component. What do I need to specifically configure in WAP for this to work? (ADFS has been configured via the wizard.)


    IT Support/Everything


    • Edited by Aetius2012 Tuesday, April 12, 2016 11:50 AM .
    Tuesday, April 12, 2016 11:24 AM
  • You are probably trying to add a Web Application Proxy (WAP) that is located non-domain joined. Please refer to the following link for more information:

    Prerequisites for federation installation and configuration (Windows Remote Management)
    https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-prerequisites#windows-remote-management


    Boudewijn Plomp | Conclusion FIT

    Monday, January 9, 2017 2:30 PM
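
The replies above point at name resolution and Windows Remote Management between the AD Connect server and a non-domain-joined WAP. The following pre-flight check is an added example, not part of the original thread or of Microsoft's tooling; the host name `wap01.dmz.example.com` is a placeholder, and the script is meant to be run elevated on the AD Connect server.

```powershell
# Added example. $WapHost is a placeholder (assumption): use the exact name
# that was typed into the AD Connect wizard for the proxy server.
param([string]$WapHost = 'wap01.dmz.example.com')

# 1. "No such host is known" is what a failed .NET name lookup reports,
#    so confirm the AD Connect server can resolve the WAP name at all.
try {
    $addrs = [System.Net.Dns]::GetHostAddresses($WapHost)
    Write-Host "DNS ok: $WapHost -> $($addrs -join ', ')"
} catch {
    Write-Warning "Cannot resolve ${WapHost}: $($_.Exception.Message)"
    Write-Warning "Fix DNS (or the name entered in the wizard) before looking at WinRM."
    return
}

# 2. WinRM ports: 5985 is HTTP, 5986 is HTTPS. 5986 only answers when the WAP
#    has an HTTPS listener bound to a certificate matching its name.
foreach ($port in 5985, 5986) {
    $r = Test-NetConnection -ComputerName $WapHost -Port $port -WarningAction SilentlyContinue
    $state = if ($r.TcpTestSucceeded) { 'open' } else { 'closed or filtered' }
    Write-Host "TCP ${port}: $state"
}

# 3. A workgroup WAP cannot authenticate with Kerberos, so the WinRM client
#    rejects it unless the host is listed in TrustedHosts.
$trusted  = (Get-Item WSMan:\localhost\Client\TrustedHosts).Value
$patterns = @($trusted -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })
Write-Host "TrustedHosts: '$trusted'"
if ($patterns -contains '*') {
    Write-Warning "TrustedHosts is '*': this client will send credentials to any host it is pointed at. Scope it to the WAP FQDN."
}
if (-not ($patterns | Where-Object { $WapHost -like $_ })) {
    Write-Warning "$WapHost is not in TrustedHosts. To add only this host:"
    Write-Warning "  Set-Item WSMan:\localhost\Client\TrustedHosts -Value $WapHost -Concatenate"
}

# 4. Unauthenticated WS-Management identify request: proves a listener answers.
try {
    Test-WSMan -ComputerName $WapHost -ErrorAction Stop | Out-Null
    Write-Host "WS-Management listener responded on $WapHost"
} catch {
    Write-Warning "WS-Management did not respond: $($_.Exception.Message)"
}
```

If step 1 fails, the ports and TrustedHosts are not yet the problem; the trace log under %localappdata%\AADConnect mentioned above shows which name the wizard tried to resolve.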