標籤:err ad fs source div its rdp nbsp cap from
預設安裝完成ADFS 之後,AD FS 2012 R2 and 2016 有the ldpinitiatedsignon.aspx page,
地址:https://sts.focuswincloud.cn/adfs/ls/idpinitiatedsignon.aspx
但是在Windows server 2012 R2 裡面是正常的
Windows server 2016 預設開啟報錯:
Usually after building an AD FS/WAP farm I test locally from the Internet and the Intranet using (to-date) a fairly reliable source of verification that the service is up and running. I’m referring to, of course, the IdP sign-in page (../adfs/ls/idpinitiatedsignon.aspx). This offers a simple way of validating login via AD FS.
With Windows Server 2016, this page is no longer surfaced “out-of-the-box”.. if you want to do a SAML 2.0 IdP-initiated sign-on, this functionality will need to be enabled. Otherwise, connecting to the obligatory sign-in page, will produce an error similar to the following:
Testing from the Web Application Proxy itself directly, pointing to the AD FS farm, we may see an HTTP 503 Service Not Available error.
Via Powershell, it can be switched back on:
set-adfsproperties -EnableIdpInitiatedSignon $True
Windows Server 2016 AD FS 測試登陸介面配置報錯