Windows 10: Sharepoint 2019 OnPremise and ADFS authentication loop

Hi,I'm setting up ADFS for Sharepoint 2019 OnPremise. Sucessfully integrated SPTrustedIdentityTokenIssuer with ADFS endpoint. I can also sucessfully login in ADFS test page.I'm stuck on the Sharepoint Sing in page loop after succesful ADFS user logon. I can see the eventid 4634 "logoff session" for that user in ADFS events.I need some assistance or guidelines as I've found nothing useful in forums.Your help is much appreciated.

:)

 

Recommendation: Load balancer for ADFS environment?

We want to put in ADFS for our current network to support about 30K authenticated users, currently to start off just for sharepoint application, but potentially will support other application/ users as well.

Looking for recommendation on whether we should go with virtual or hardware based Load Balancer, and
which vendor of LB that people tend to adopt for their ADFS and WAP servers? Imagine we'll need to get the LB that can support Layer 7

Here is how we are currently spec'ed out so far:

• 2 WAP servers (Win2016) sit behind a LB and all on DMZ
• 2 ADFS servers (Win2016) sit behind another LB and all on Internal network
• DC server is on Internal network as well

----

Can anyone explain how the traffic/federation process goes (step by step) when user access the website from the internet (please include how request is being passed/redirect between webserver, WAP, ADFS, and DC servers)

Thanks!

 

ADFS authentication loop on login page

I deployed a HA ADFS environment with NLB.

There are several URLs can access the ADFS service: https://hostname.domain.local, https://adfs.domain.local, https://nlb-adfs.domain.local.

When I access the ADFS service URL: https://adfs.domain.local, I can authenticate users normally with a signed-in status, but if I try to access the other URLs, the user can't be accessed and will be redirected back to login page again and again.

In the event viewer I can find even id 4672,4623,4634. It seems the user was logged off once it was logged on.

The description of the event id 4634 is

This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.

How can I get through with it?

Thank you!

 

Can't open: SharePoint doesn't support this authentication scheme

Our SharePoint site is externally accessable and is using Claims Based authentication with Basic Authentication enabled. Every time i enter the site url into the sharepoint app for Windows Phone 7 I get the errror "Can't open: SharePoint doesn't
support this authentication scheme". Have Googled this like crazy and can't seem to find any information on this issue.

Dan