Welcome! Log In Create A New Profile

Advanced

MS ADFS and Nginx as a LoadBalancer

Posted by cisaksen 
MS ADFS and Nginx as a LoadBalancer
April 07, 2016 12:55PM
Recently I migrate/upgrade our Nginx Load Balancer from version 1.9.5 to 1.9.14 and we were handling Microsoft ADFS traffic through it. After the upgrade to 1.9.14 the Active Sync & Outlook authentication started failing, but the web authentication (OWA) still worked.

It was determined that Nginx was no longer passing the information correctly to the ADFS proxies. We have taken the ADFS traffic out but we are very curious why all of sudden why it stop working.

network topology: World <--> NGINX LB <--> Pair of ADFS Proxies

ADFS 2.0 of server 2008 R2
Nginx 1.9.5 to 1.9.14
SSL communication all the way through, NOT using HTTP2.

Any ideas are welcome. Thanks
Re: MS ADFS and Nginx as a LoadBalancer
April 07, 2016 01:26PM
Anything in the log files? enable debug to see more logging.
You might need to do some wiresharking to see whats going on.

---
nginx for Windows http://nginx-win.ecsds.eu/
Re: MS ADFS and Nginx as a LoadBalancer
April 07, 2016 01:37PM
Should have stated that nginx in running on Linux (SLES 12). We had to pull it out to get email back in operation so putting back to test is out of the question at this time. We currently don't have a good way to test ADFS traffic but we are working on one.
Re: MS ADFS and Nginx as a LoadBalancer
April 07, 2016 03:16PM
Create a second DNS and a second nginx instance same config, enable debugging, route 5-10 clients to this test instance, watch logs.

---
nginx for Windows http://nginx-win.ecsds.eu/
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 75
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready