I have integrated SSO and ADFS2 with Office 365 for a customer and now I'm unable to sign in with any credentials whatsoever. I keep getting this message whenever I try to sign in:
Your organization could not sign you in to this service.
There may be a system error. Please contact administrator at your organization if this problem persists.

When I tested the connection on testexchangeconnectivity.com it says:

ExRCA is attempting to retrieve and analyze a security token for user info@kaliteli.net.
An error occurred while attempting to retrieve and analyze the security token.

Test Steps
ExRCA is attempting to authenticate to the security token service at https://adfs.kaliteli.net/adfs/services/trust/2005/usernamemixed.
The user was authenticated, and the security token was retrieved successfully.

Additional Details
SAML Token: <saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="_f1b7a081-74ba-46a0-bd77-57e4f0a9d11b" Issuer="http://adfs.kaliteli.net/adfs/services/trust" IssueInstant="2013-01-27T21:46:33.764Z" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:Conditions
NotBefore="2013-01-27T21:46:33.764Z" NotOnOrAfter="2013-01-27T22:46:33.764Z"><saml:AudienceRestrictionCondition><saml:Audience>urn:federation:MicrosoftOnline</saml:Audience></saml:AudienceRestrictionCondition></saml:Conditions><saml:AuthenticationStatement
AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" AuthenticationInstant="2013-01-27T21:46:33.732Z"><saml:Subject><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod></saml:SubjectConfirmation></saml:Subject></saml:AuthenticationStatement><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
/><ds:Reference URI="#_f1b7a081-74ba-46a0-bd77-57e4f0a9d11b"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><ds:DigestValue>s616hJ24QnPXzBKnveJtxZTYEqo=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>IWgXQXYEDZKB1eWRbkovknHW+wmJ+e1B2TD7lL9y3rpJdceYbPIHA6AxjwzkOexrRxG/Vri0qdOOlTHuak5HLYwuSnxvoo6NrMKNsWF1BgXqdT0aPnNSV6/FCucwSzAt9nGHTiJXq54uIQQU8qd4cZAHtPVf9iJLKOsu1NQvaUOuxqWfE3pXWnnC75flsC8xiz/FYtRI7jspLa7soJvnsBtdJzdOBlYNB5DVBHyxVsJ1V5WgCmULDdD+iqsPRkUaoEN9O4Ad+p8D5QYbki8VyN7SdtwFXLnTBpM+wHm3vA39HFY5Ps9TZRcWqJQDFx+0a0a6QQP45KNzZ2UdZY15WA==</ds:SignatureValue><KeyInfo
xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data><X509Certificate>MIIC3jCCAcagAwIBAgIQFRXRRF7kMKdK9ezv6y7fYTANBgkqhkiG9w0BAQsFADArMSkwJwYDVQQDEyBBREZTIFNpZ25pbmcgLSBhZGZzLmthbGl0ZWxpLm5ldDAeFw0xMzAxMjcxNTA2MzBaFw0xNDAxMjcxNTA2MzBaMCsxKTAnBgNVBAMTIEFERlMgU2lnbmluZyAtIGFkZnMua2FsaXRlbGkubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA98ZpuQv15Mzzw0ar04nl5rNbAVlMLTXXW31fGBplP9i85R5/BSpdWL80caAngSXFmXUxcLj+CH0WMnmMgk5ElG+2CITeJH6vXvZTed6q5lXAQvNUGZLDbesnQR/bvvChrYcGl7ou244jtuGIMxFA91TWrKhUn1BcBKKqMQXagcl0QuQha2T5cjjMoAYR0W6v6WeLTpbLXZML9LiqFGP6nwkuydIB1conwFkWDnEmEmUrfJ0q1BhtVbc8cPJwufYVX0CaVFogkpyV2sSgYJTrajrO52n6wnHOBOUk+MpoTV4hDPt0vqMw46ZROeKlstN3JzKOcZQvOxEY2OVKQTji8wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAc+WKLTrtThSH0Sz5mMffahSrY3E3uUgVSPPRmnEWOK6suU1YpqSULSCobP1kgTltUwj2W8TzIMttdh9BZsgpp1J4UYr1ZKIQuhkb0RI7o1xXSUpg4e/PP6WZ7hceP+Et/94SoewQBRGR4vGhyIUOPEsfsEpPArwRTETVrPm5ygCThHceFMBpsCkhijCieoCi+aaaKQ9ccBOgFHTOxtUlmszA7YKx5mudSo/zlZ3XzFJaA3myfqlKJp2fF6x3/lhrkRxX79C/ArjM5Cgyp0/QlUf+bC64OjRc2iLB46aYhs/4GFwtZ833nexBV7N44u32vN/58C8XW8ZyJnqdPIoBT</X509Certificate></X509Data></KeyInfo></ds:Signature></saml:Assertion> |

ExRCA is analyzing the security token for required elements.
Problems were found while analyzing the security token.

Additional Details
The NameIdentifier element wasn't found in the AuthenticationStatement section of the security token.

--
The user wanted to migrate from Lync Online to Lync on-premise, so I managed to install DirSync and sync all users after creating them on the local AD. I had a few issues with syncing in the beginning but managed to solve them after editing some attributes like mail and proxy address.
Now my customer doesn't have the alternative address with which we can reset the password of admin@company.onmicrosoft.com, and they can't remember the password either.
I'm stuck. Is there any solution for this mess? I will certainly get MS support, but can anyone else help while we wait for the support?
Mohammed JH
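
The structural check that ExRCA reports failing above, as an added example (not part of the original post and not Microsoft's code): it parses a SAML 1.1 assertion and reports a missing NameIdentifier, an audience mismatch, or an expired validity window. The sample tokens are constructed, the function names are hypothetical, and the XML signature is not verified.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:1.0:assertion"}

# Constructed sample: same shape as the token in the post, signature omitted.
SAMPLE_MISSING = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" MajorVersion="1" MinorVersion="1" AssertionID="_constructed-1" Issuer="http://sts.example.test/adfs/services/trust" IssueInstant="2013-01-27T21:46:33.764Z">
<saml:Conditions NotBefore="2013-01-27T21:46:33.764Z" NotOnOrAfter="2013-01-27T22:46:33.764Z">
<saml:AudienceRestrictionCondition><saml:Audience>urn:federation:MicrosoftOnline</saml:Audience></saml:AudienceRestrictionCondition></saml:Conditions>
<saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" AuthenticationInstant="2013-01-27T21:46:33.732Z">
<saml:Subject><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod></saml:SubjectConfirmation></saml:Subject>
</saml:AuthenticationStatement></saml:Assertion>"""

# Constructed: the same token with a NameIdentifier placed first inside Subject.
SAMPLE_OK = SAMPLE_MISSING.replace(
    "<saml:Subject>",
    '<saml:Subject><saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">constructed-id</saml:NameIdentifier>')

def parse_ts(value):
    # SAML instants are UTC; fractional seconds are optional.
    fmt = "%Y-%m-%dT%H:%M:%S.%fZ" if "." in value else "%Y-%m-%dT%H:%M:%SZ"
    return datetime.strptime(value, fmt).replace(tzinfo=timezone.utc)

def check_assertion(xml_text, expected_audience, now):
    """Return a list of structural problems; an empty list means none were found."""
    root = ET.fromstring(xml_text)  # structure only: the signature is NOT verified
    problems = []
    auth = root.find("saml:AuthenticationStatement", NS)
    if auth is None:
        problems.append("AuthenticationStatement missing")
    else:
        name_id = auth.find("saml:Subject/saml:NameIdentifier", NS)
        if name_id is None or not (name_id.text or "").strip():
            problems.append("NameIdentifier missing from AuthenticationStatement")
    audiences = [a.text for a in root.iterfind(".//saml:Audience", NS)]
    if expected_audience not in audiences:
        problems.append("expected audience not present")
    cond = root.find("saml:Conditions", NS)
    if cond is None:
        problems.append("Conditions missing")
    else:
        nb, na = cond.get("NotBefore"), cond.get("NotOnOrAfter")
        # A Conditions element without both bounds is reported as well.
        if not (nb and na and parse_ts(nb) <= now < parse_ts(na)):
            problems.append("token outside validity window")
    return problems

if __name__ == "__main__":
    print(check_assertion(SAMPLE_MISSING, "urn:federation:MicrosoftOnline", datetime.now(timezone.utc)))
```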