Just a wee heads up for rookies like me using ADFS with Mingle.

When installing ADFS, make sure that the server name for the Windows server you install ADFS on is different to the Federation Service name.

So, if your server is called ADFS, and is attached to the domain potatoit.com, then make sure that your federation service name is NOT adfs.potatoit.com.

If you don’t do this you ADFS will appear to work, however you won’t be able to log in.

In my instance, I had followed the ADFS installation wizard, created a self-signed cert, and figured everything would be fine and dandy. But after establishing a trust relationship with another server I would fail to log in with little to no information in the event logs.

To fix, I renamed my server, and then ran the setspn commands

setspn -a host/<Federation Service name> <domain>\<serviceAccount>

setspn -a http/<Federation Service name> <domain>\<serviceAccount>

before restarting ADFS and authentication started working.