Category: Troubleshooting

Microsoft Company Portal temporary unavailable error troubleshooting

Recently was assisting the Intune team to troubleshoot “Company Portal Temporary Unavailable” error for the iOS devices. The Azure AD was federated with AD FS. Looking at the Company Portal logs from mobile device the following detailed error message was discovered (extracted the part we are interested in): InAppProcess : {context = "Failed to fetch … Continue reading Microsoft Company Portal temporary unavailable error troubleshooting

AD FS 2016 Extranet Smart Lockout eventIDs 1203 and 1210 clarification

Continuing my journey of learning the great AD FS Extranet Smart Lockout (ESL) feature. As mentioned in my other post, the enhancement were made in AD FS 2016 auditing and there will be Event ID 1203 logged in the ADFS Security log by ADFS Auditing in case there was a failure to validate user credentials … Continue reading AD FS 2016 Extranet Smart Lockout eventIDs 1203 and 1210 clarification

AD FS Extranet Smart Lockout user management via remote PowerShell

Recently had experienced issue when trying to execute AD FS Extranet Smart Lockout user management cmdlet via remote PowerShell. Error in PowerShell: Exception of type 'Microsoft.IdentityServer.User.UserActivityRestServiceException' was thrown. + CategoryInfo         : NotSpecified: (:) [Get-AdfsAccountActivity], User ActivityRestServiceException + FullyQualifiedErrorId : Microsoft.IdentityServer.User.UserActivityRestSer viceException,Microsoft.IdentityServer.Management.Commands.GetAdfsAccountAc tivity + PSComputerName       : Win2016-ADFS01 In AD FS Admin logs on Win2016-ADFS01 server saw … Continue reading AD FS Extranet Smart Lockout user management via remote PowerShell

Internal application published via Azure AD Application Proxy access issues troubleshooting

Recently was troubleshooting the issue when the internal application portal page was not loaded (part of the portal was not loaded at all) when accessed via Azure AD Application Proxy (AAD AP). The application in question was Dell Storage Manager web console, but the troubleshooting steps described below are applicable to any application. First thing … Continue reading Internal application published via Azure AD Application Proxy access issues troubleshooting

AD FS Relying Party certificates errors troubleshooting (EventID 317)

Customer has configured the new Relying Party Trust by using the Relying Party Trust Wizard and importing the data from the file that was downloaded earlier on the management computer. When testing the Relying Party sign-on, the application was returning the error “An error SAML response status was received. urn:oasis:names:tc:SAML:2.0:status:Responder” Per following article https://msdn.microsoft.com/en-us/library/hh269642.aspx this … Continue reading AD FS Relying Party certificates errors troubleshooting (EventID 317)

AD FS 2.0 and Safari (iOS 9 and iOS 10) sign in issue (authentication cookies size issue)

Recently have been working on the issue when the users on iOS 9 and 10 were not able to complete the authentication from outside of corporate network (via AD FS Proxy). The users were getting the error – “There was a problem accessing the site. Try to browse to the site again. Reference number: XXX”. … Continue reading AD FS 2.0 and Safari (iOS 9 and iOS 10) sign in issue (authentication cookies size issue)

Azure Multi-Factor Authentication Server not sending emails out for new users

Recently was troubleshooting the issue when no email is sent to the new MFA server users regardless all the configurations seems to be correct. See following official documentation for more details.  Because Administrator was able to send the Update email to the end user, we excluded the improper SMTP server configuration. Per MFA server Help … Continue reading Azure Multi-Factor Authentication Server not sending emails out for new users