Support tickets unresolved after 11 months; escalation requests ignored; stuck in a feedback loop
Hello, We have been unable to update O365 applications for close to a year now. When we update the applications, our end-users are unable to authenticate and receive 1001 errors. We have had a support ticket open now for 11 months. We are stuck in a loop where support asks us to demonstrate the issue. I can consistently reproduce this issue. This is a cry for help. Thanks to anyone who has any suggestions.Windows Hello for Business Configuration Issue with multiple Devices
Hello everyone, We are currently facing an issue with our Windows Hello for Business configuration for Multiple Users/Devices, and I'd like to seek your assistance and insights on this matter. We've implemented Windows Hello for Business through Group Policy (User Configuration) and deployed it within our User Organizational Unit (OU). Initially, everything seemed to be working seamlessly. Users were able to log in to their devices, set up Windows Hello for Business, and use it without any problems. However, a problem arises when the same user attempts to log in from another device. Ideally, we expect the same behavior, where the user gets the Windows Hello configuration, successfully sets up their PIN, and can use it for subsequent logins. However, after a reboot, the user is prompted to log in with their password only, and the Windows Hello Sign-in option does not appear. What's even more concerning is that this issue has now started affecting the user's ability to log in with a PIN on their initial device as well. We would greatly appreciate your insights and suggestions on how to troubleshoot and resolve this issue. If anyone has encountered a similar situation or has any guidance on resolving Windows Hello for Business configuration problems, please share your expertise. Thank you in advance for your assistance. Best regards, Rashad Bakirov
AzureAD Joined Device and onprem w/ PIN
I am working on a scenario where we want to move to Azure ADDS, we still have some need for LDAP/S, Unix, etc but want on prem to go away. Endpoints are already azure AD Joined to the 365 Tenant. Tenant is insync with onprem w/ Azure AD Connect w/ password hash as well... here is where it gets fun...endpoint with password login has no problem accessing onprem file server, but as you know Azure Join Devices force pin enrollment and default to it. When user logs in with PIN, I get cred prompt...eventually this box will goto azure, but I suspect this will occur when it gets out there also... I have attempted AzureAdKerberosServer, oneway trust with AADDS/Local and domain certificate avenue, no love...has anyone gone down this rabbit hole?
How to make Skype for Business and OneDrive automatically insert credentials on launch ?
We have a client, that wants new users to sign in to a domain joined computer and automatically get signed in to Outlook, Skype for Business and OneDrive. Now the client has an on-premise Active Directory which is synced with AAD Connect to Office 365. So desktop applications are Office 365. Now, I have configured Seamless Single Sign On feature and configure modern authentications, pushed intranet sites with GPO. This has solved half of the issue, now the users don't have to enter their password, only email. But Outlook and Teams for example already automatically get their email address entered into Sign in Address bars, that can't be said for Skype for Business and OneDrive though, I still need to manually enter email addresses there and let sSSO do it's work. Now my question is this, is it possible to make it so, that all of the remaining applications (Skype for Business and OneDrive) would automatically insert user's email address into Sign in Address (or email address, or user name, etc.) on first launch?Password Write Back not working
We are using Azure AD connector for syncing users accounts from AD > Azure. Now we want to use the write back solution, but we are getting an error, ID 31035. Steps I have already done in Azure AD connect: Use a admin user of the Azure AD Use a special local AD user with right to change password Admin user in Azure AD ánd the test user have Azure Premium licenses Checked in powershell if PassWordReset is running Disable firewall 'ADFS' server Restarted the service on the 'ADFS' server No luck... Any other solution?ADFS Device Registration cross forest
Hi all, is it possible to do device registration (and claims) across a forest trust? it looks to me like it isnt possible due to the limitation of the Enable-AdfsDeviceRegistration -DeviceLocation command being "a domain within the same forest" is there any other way to make this work cross forest? or is this a scenario for additional ADFS farms or moving to Azure AD registration and authentication? (tagged ADFS 2016, its actually 2012 R2) Thanks PeteADFS Device Registration cross forest
Hi all, is it possible to do device registration (and claims) across a forest trust? it looks to me like it isnt possible due to the limitation of the Enable-AdfsDeviceRegistration -DeviceLocation command being "a domain within the same forest" is there any other way to make this work cross forest? or is this a scenario for additional ADFS farms or moving to Azure AD registration and authentication? (tagged ADFS 2016, its actually 2012 R2) Thanks Pete
If ADFS service is down, Azure Traffic Manager does not respond about it
We have configured ADFS Farm. There are 2 ADFS Servers. There are 2 WAP Servers. There is 1 Azure Traffic Manager which interacts with WAP servers through endpoints. If WAP service is down in any WAP Servers, Azure Traffic Manager responds about it. But If ADFS service is down in any ADFS Servers, Azure Traffic Manager does not respond about it. How to make it respond if any ADFS Service is down? I will appriciate your response. Thanks.Please provide Production Support Guidelines for ADFS and SSO with Office 365
Hi Team, Please provide Production Support Guidelines for On-Premises ADFS Farm (windows 2016 servers) and SSO with Office 365 to prevent downtime. What should be some standard measures need to be performed to manage ADFS, WAP Servers and SSO with Office 365? We are using 4 VMs of version windows server 2016 for ADFS Farm and WID database. What should be backed up and frequency of backups? Thanks a lot
