Microsoft ADFS 3 /adfs/portal/updatepassword page

Started by Dieselboy, May 22, 2019, 11:53:18 PM


Dieselboy

ADFS 3.0 provides a web page portal for changing your user account AD password. It is disabled by default. The URL is https://sso.company.com/adfs/portal/updatepassword (obviously replace the host with the correct URL).

I set this up many years ago. I'm moving this SSO config to another server instance. I was unable to get this web portal page to work. Event viewer had the error:

Exception details:
Microsoft.IdentityServer.RequestFailedException: MSIS7065: There are no registered protocol handlers on path /adfs/ls/updatepassword/ to process the incoming request.
   at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)


The endpoint was indeed enabled, so I couldn't understand this. I disabled the endpoint and re-enabled it, rebooted the server etc - no dice.

Eventually I found someone's Google doc via a Google search (https://docs.google.com/document/d/1IPvxCd0R2lobWh3_pJR5lUGNTJYRQGOur7udLLLuVH0/edit) and it explained that a hotfix was needed to enable this feature to work without the ADFS trying to authenticate the device as a registered device.

So once I installed the hotfix from here: https://www.catalog.update.microsoft.com/Search.aspx?q=3035025 and then rebooted, all is working again.
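
The three checks described in the post above (endpoint state, hotfix presence, and the MSIS7065 error in the event log), as an added example that is not part of the original post. The endpoint path, KB number and error code come from the post; the variable names and the 500-event window are assumptions.

```powershell
# Added example: run in an elevated PowerShell session on the AD FS server.
# Path, KB number and error code are taken from the post; names are illustrative.
$endpointPath = '/adfs/portal/updatepassword'
$kbId         = 'KB3035025'
$errorCode    = 'MSIS7065'

# 1. Is the update-password endpoint registered and enabled?
#    Compare without the trailing slash so either form of the path matches.
$endpoint = Get-AdfsEndpoint |
    Where-Object { $_.AddressPath.TrimEnd('/') -eq $endpointPath }
if (-not $endpoint) {
    Write-Warning "No AD FS endpoint registered for $endpointPath"
} else {
    $endpoint | Format-List AddressPath, Enabled, Proxy
}

# 2. Is the hotfix installed?
#    Get-HotFix may not list an update that arrived inside a later rollup,
#    so a miss here is a prompt to check update history, not proof of absence.
$hotfix = Get-HotFix -Id $kbId -ErrorAction SilentlyContinue
if ($hotfix) {
    "{0} installed on {1}" -f $kbId, $hotfix.InstalledOn
} else {
    Write-Warning "$kbId not reported by Get-HotFix"
}

# 3. Has the error from the post been logged recently?
#    Match on the MSIS code in the message text; the post gives no event ID.
$events = Get-WinEvent -LogName 'AD FS/Admin' -MaxEvents 500 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -like "*$errorCode*" }
"{0} {1} event(s) in the last 500 AD FS/Admin entries" -f @($events).Count, $errorCode
$events | Select-Object -First 5 TimeCreated, Id, Message | Format-List
```

An enabled endpoint combined with a missing hotfix and fresh MSIS7065 events matches the situation described in the post.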

deanwebb

:coolstory:

Seriously, stuff like this is good to file away in the back of our brains, in case we see something similar in the future. I'm always working with Windows, and it's good to remember to check to see if a hotfix is needed to, well... hotfix something.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Any questions? No questions! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

Dieselboy

I searched high and low for this one. The fact I had it working on another VM said to me I'd worked through this hurdle before (and obviously not made any notes).

deanwebb

Quote from: Dieselboy on May 23, 2019, 09:23:10 PM
I searched high and low for this one. The fact I had it working on another VM said to me I'd worked through this hurdle before (and obviously not made any notes).

Hey, it wouldn't be the first time this forum was used as a personal knowledge base reference...  :whistle: