1
Vote

Plain365 doesn't work with ADFS

description

I've been trying to use the tool in a SharePoint environment where we're using ADFS to manage 2 separate authentication methods against 2 different active directory trees. There's not a way to pass in an authentication token or prompt for the credential page within the tool, so we get 404 errors and are unable to connect to turn on google analytics:
This url is not working.
System.Net.WebException: The remote server returned an error: (404) Not Found.
at System.Net.HttpWebRequest.GetResponse()
at Plain365.ViewModeISeIectDestinationViewModeI.ExecuteSearch()
Status:ProtocoIError

The issue is that you have to key in a valid sharepoint url and not a url that resolves to a sharepoint site. What I mean is that I have a REST URI that will pass ADFS the credential from the SharePoint Authentication page and then re-direct the user to the requested sharepoint url. However even this technique won't work with Plain365 because it doesn't reach sharepoint until the redirect happens after adfs authentication.
Another option would be to have the tool borrow piggy back on IE web browser credentials. So a user could log in to the sharepoint site using ADFS then fire up the plain365 tool and it would already be authenticated and could just use the windows credential to connect to the site. Plain365 tries to connect to the SharePoint site directly and use the windows credential directly, but that won't work with ADFS. I suspect it may work in other instances also.

Not sure what a work around would be, so I'm not able to add that SharePoint farm to google analytics using Plain365 where it authenticates using ADFS.

comments

BryantAvey wrote Jul 14, 2016 at 12:48 PM

I found a good link on how to obtain the FedAuth cookie from on-prem SharePoint 2013 using ADFS:
http://stackoverflow.com/questions/25339348/how-to-obtain-fedauth-cookie-from-on-premise-sharepoint-2013-and-adfs

Thought it would help with the issue.