Office 365 ADFS certificate expired

Today I faced a problem. The ADFS certificate that we used for Office 365 was going to expire over 2 weeks. However the connection to Office 365 already was failing. I do not exactly know what the policy is for ADFS of outdated certificates but it looks like ADFS already invalidates certificates two weeks before they really expire.

This is not an Office 365 problem because other services that used our ADFS also had the same problem. To solve it on the other services it was simply updating the thumbprint of the trusted issuer but how do you do this in Office 365?

I succeeded with the following steps
  1. Start up "Microsoft Online Services-module for Windows Powershell". You can download this module for PowerShell if you not already done this on (http://onlinehelp.microsoft.com/en-us/office365-enterprises/ff652560.aspx ).
  2. Connect to your Office 365 environement by the following statement
$cred = Get-Credential

  1. Use your first admin account to login (the account with the onmicrosoft.com address). If you do not have this account anymore then I do not know a solution. Your normal account probably will not work because ADFS is failing. The first time I did this I got an message that my password needed to be changed and I need to contact the administrator.... You can however change it by login in on https://portal.microsoftonline.com/ and using your old password.
  2. Next step is to connect to Office 365 by the following statement
Connect-MsolService -Credential $cred
  1. When succeeded you can check the current thumbprint with the following statement
Get-MsolFederationProperty -domainname "your adfs domain name"
  1. When there are faults in the federation properties then you can reset it by first running the following command
Set-MsolADFSContext -computer "your adfs internal server name"
  1. Followed by the following statement to update your federation domain in Office 365
Update-MsolFederatedDomain

That fixed the problem for me. Probably I am going to need this blog next year again....

Location: Utrecht, Nederland

Comments

AAD said…
powershell saves the day !
May 17, 2012 at 1:54 PM
erectile said…
This web site truly has all the information I wanted concerning this subject and didn't know who to ask.
November 25, 2020 at 3:42 PM
erectile dysfunction natural remedies said…
Woah! I'm really loving the template/theme of this blog. It's simple, yet effective. A lot of times it's very hard to get that "perfect balance" between usability and visual appeal. I must say you have done a awesome job with this. Additionally, the blog loads extremely quick for me on Internet explorer. Excellent Blog!
November 25, 2020 at 3:45 PM
Post a Comment

Popular posts from this blog

System.Net.Http dll version problems

Last few weeks we had problems with referencing the correct System.Net.Http version. This is probably because some components use internally higher versions (.NET Core with System.Net.Http 4.2.0.0) compared to the versions that are available in NuGet. Frequently we got errors like: Could not load file or assembly 'System.Net.Http, Version=4.1.1.2, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040) What is the solution.... That is a great questions. But we do not have the satisfying answer yet. What we currently do is the following. - Use in all projects the same System.Net.Http version, currently we use v4.3.3 from nugget - Compile the code and check in the resulting Bin folder what the resulting System.Net.Http version is - Use this version as BindingRedirect in the app.config / web.config like <dependentAssembly>...
Read more

SharePoint Survey Back Button

On Internet I could not find a correct solution for implementing a back button in a survey. After some search I found some near implementations but not an implementation that fully worked. One that inspired me was http://sharepointbender.blogspot.nl/2012/04/creating-back-button-on-sharepoint-2010.html but I found the history.back(-2) not satisfying. I wrote my one version in Javascript that uses the FirstField parameter of the survey to implement a correct behaviour. I hope it makes you happy. In the edit form I added a script link to the code below and i added the following statement spbackButton.init("Name of list"); In an javascript file I included the following code. var spbackButton = (function () { var _prevFieldsArray = new Array(); var _currentStep; var _prevPageStep; function setCookie(c_name,value,exdays) { var exdate=new Date(); exdate.setDate(exdate.getDate() + exdays); var c...
Read more

Azure table storage error: One of the request inputs is not valid

Lately I often work with Azure table storage. However I had to deal with a lot of different "{number}:One of the request inputs is not valid" exceptions. I did not find a collection that related the error number with a fault so I start creating my own collection here. 0:One of the request inputs is not valid. Occured when used characters in my partition key / row key. There are limitations on the characters that you can use. For instance / and \ are not allowed. For the details see https://msdn.microsoft.com/en-us/library/dd179338  section "Characters Disallowed in Key Fields" 2:One of the request inputs is not valid. Occurred when working with Azure batch operations. When you include in one batch two table entities with the same partitionkey and rowkey then you will get this error. Solution: Validate that within one batch there are not multiple the same partition / row keys 8:One of the request inputs is not valid.\ Occurred when working with ...
Read more