Turbulence

The bumpy world of clouds and applications

How to customize the AD FS corporate logon page

  • Comments 3
  • Likes

Hi everyone

With older versions of AD FS you could customize the look and feel using web design. With 2012 R2, there is no more dependence on IIS, with AD FS now built directly on top of HTTP.SYS, meaning no installation of IIS is required. You can read all the PowerShell commands on TechNet.

I had a few questions on this so below I have shared the commands we used to configure contosodemo.com.

The page looks like this:

image

image

And here are the commands run to configure as an example of how you can do this.

Set-AdfsGlobalWebContent -CompanyName "ContosoDemo.Com"
Set-AdfsGlobalWebContent -ErrorPageSupportEmail "Report this error"
Set-AdfsGlobalWebContent -ErrorPageDescriptionText "Access Denied"
Set-AdfsGlobalWebContent -HelpDeskLink "https://adfs.contosodemo.com/adfs/portal/updatepassword/"
Set-AdfsGlobalWebContent -HelpDeskLinkText "Change Password"
Set-AdfsGlobalWebContent -Homelink "https://www.contosodemo.com"
Set-AdfsGlobalWebContent -HomelinkText "Website"
Set-AdfsGlobalWebContent -PrivacyLink "http://www.contosodemo.com/privacy"
Set-AdfsGlobalWebContent -PrivacyLinkText "Privacy Statement"
Set-AdfsWebTheme -TargetName default -Logo @{path="C:\scripts\images\ContosoDemoLogo.png"}
Set-AdfsWebTheme -TargetName default -Illustration @{path="C:\scripts\images\family.jpg"}
Set-AdfsGlobalWebContent -SignInPageDescriptionText "<p>Access to ContosoDemo.Com resources may require device registration.<br><br>You can change your password using the 'Change Password' link below after you have registered your device.</p>"
Set-AdfsGlobalWebContent -UpdatePasswordPageDescriptionText "Please enter your user account, old password and your new desired password twice. Note that your new password must meet the ContosoDemo.com password complexity requirements."
Set-AdfsRelyingPartyWebContent -Name "sharepoint" -ErrorPageAuthorizationErrorMessage "<p style='font-size:0.9em'>ContosoDemo.com requires you to workplace join your device to access this resource.</p><br><p>On your <b>Windows 8.1 device</b>, use <b>PC Settings<b> to join your device to the workplace</p><br><p?On your <b>iOS</b> device, click <a href=https://adfs.contosodemo.com/enrollmentserver/otaprofile>here</a> to join your device to the workplace</p><br><p style='font-size:1.0em'>Please close the browser and access the application after you have workplace joined your device.<p>"
Set-AdfsGlobalWebContent -ErrorPageDeviceAuthenticationErrorMessage "We were unable to authenticate your device. Either your device is not registered or the certificate your device presented is invalid.  Please register your device and try again."
Set-AdfsGlobalWebContent -ErrorPageGenericErrorMessage "An unexpected error has occurred, please let the administrators know"
Set-AdfsGlobalWebContent -ErrorPageAuthorizationErrorMessage "Sorry, we were unable to authorize your access, please try again. If this error persists, please contact the administrators."

I hope that’s a useful example.

A.

Comments
  • Alot

  • Thanks Adam !!!

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment