RSA SecurID Access SAML Configuration for Microsoft Office 365 issue – “AADSTS50008: Unable to verify token signature. The signing key identifier does not match any valid registered keys”

There recently have been couple cases when the customers who has configured the Azure AD federation with RSA SecureID by following these instructions https://community.rsa.com/docs/DOC-1019 were randomly experiencing the error during users sign in: “AADSTS50008: Unable to verify token signature. The signing key identifier does not match any valid registered keys”. The issue temporary goes away … Continue reading RSA SecurID Access SAML Configuration for Microsoft Office 365 issue – “AADSTS50008: Unable to verify token signature. The signing key identifier does not match any valid registered keys” →

AD FS 2016 Access Control Policies troubleshooting

The Access Control (AC) policies were introduced in AD FS 2016. See this official documentation to get familiar with AD FS Access Control policies concept and settings. Recently had to troubleshoot the following scenario. Customer has Hybrid Exchange environment with email boxes located in on premises Exchange 2010 and archives located in Exchange Online. Exchange … Continue reading AD FS 2016 Access Control Policies troubleshooting →

ADFS – MSIS7012 and MSIS8006 errors

Issue symptom Some of the federated users are not able to sign in Office 365 portal. In ADFS Admin logs see EventID 111 and 364 with following error message: Protocol Name: wsfed Relying Party: urn:federation:MicrosoftOnline Exception details: Microsoft.IdentityServer.RequestFailedException: MSIS7012: An error occurred while processing the request. Contact your administrator for details. ---> Microsoft.IdentityServer.Service.SecurityTokenService.ADAccountValidationException: MSIS8006: Query … Continue reading ADFS – MSIS7012 and MSIS8006 errors →