Deploy Active Directory Federation Services (AD FS) 3.0 in a pre Windows Server 2012 R2 era

As you probably know a prerequisite for implementing Active Directory Federation Services (AD FS) based on Windows Server 2012 R2 is to have at least a Windows Server 2012 R2 domain controller available in your infrastructure.

image

This in order to take benefit of using Group Managed Service Accounts (GMSA – generated and maintained by the Key Distribution Service (KDS) on at least Windows Server 2012 domain controllers). The same applies to Device Registration service (DRS) aka Workplace Join, which is responsible for activation and enrolment of controlled devices and represented by a new schema class in Active Directory Domain Services (AD DS). Continue reading “Deploy Active Directory Federation Services (AD FS) 3.0 in a pre Windows Server 2012 R2 era”

Windows Intune "Sorry, but we’re having trouble signing you in" error "80041317"

Make sure when updating your configuration settings of the federated domain for the on-premises Active Directory Federation Services (AD FS) service these settings are updated to the Windows Azure Active Directory (Windows Azure AD) authentication system. Last week I updated my on-premises token-signing certificate without updating federation trust data. This causes the claim that the AD FS service supplies to be malformed and therefore rejected by the Windows Azure AD authentication system.

When a federated user tries to sign in to a Microsoft cloud service such as Office 365, Windows Azure, or Windows Intune from a sign-in webpage whose URL starts with “https://login.microsoftonline.com/login,” authentication for that user fails. Additionally, the user receives the following error message:

Sorry, but we’re having trouble signing you in
Please try again in a few minutes. If this doesn’t work, you might want to contact your admin and report the following error:
80041317 or 80043431

Continue reading “Windows Intune "Sorry, but we’re having trouble signing you in" error "80041317"”

Microsoft Assessment and Planning #MAP 6.0 Beta released

The latest beta release from the Microsoft Assessment and Planning (MAP) team provides organizations with tools to accelerate the adoption of Microsoft private and public cloud platforms.

MAP 6.0 Beta: Accelerate the adoption of Microsoft private and public cloud platforms

Planning your journey to the cloud just got a bit easier. The next release of the Microsoft Assessment and Planning (MAP) Toolkit—version 6.0 Beta—includes assessment capabilities to evaluate workloads for both public and private cloud platforms. With MAP 6.0 Beta, you now have the ability to identify workloads and estimate the infrastructure size and resources needed for both Windows Azure and Hyper-V Fast Track. Also new to MAP 6.0 Beta is the Office 365 client assessment, enhanced VMware inventory, and Oracle schema discovery and reporting. Expanded assessment and discovery capabilities from MAP help you streamline planning for your next migration project. Plan what’s next with MAP.

New features and benefits from MAP 6.0 Beta release help you:

·        Analyze your portfolio of applications for a move to the Windows Azure Platform

·        Accelerate planning to private cloud with Hyper-V Cloud Fast Track onboarding

·        Identify migration opportunities with enhanced heterogeneous server environment inventory

·        Assess your client environment for Office 365 readiness

·        Determine readiness for migration to Windows Internet Explorer 9

·        Discover Oracle database schemas for migration to SQL Server

The beta materials can be downloaded on Connect: http://go.microsoft.com/fwlink/?LinkId=219165

This program is now open. The beta review period will run through mid-July, 2011.
To join the beta review program for Microsoft Assessment and Planning (MAP) Toolkit 6.0, visit Microsoft Connect:http://go.microsoft.com/fwlink/?LinkId=219168