ADFS/Office 365 SSO 80041034 Error

Recently after configuring Active Directory Federated Services for a customer for Azure AD Premium/Office 365, we received the following error while testing user login to https://portal.office.com:
Sorry, but we’re having trouble signing you in.
Please try again in a few minutes.  If this doesn’t work, you might want to contact your admin and report the following error: 80041034
15-07-2015 10-56-30 a-m-
The obligatory Google search showed potential fixes relating to cached ADFS entries for users post-UPN changes (which we had done as a prereq. for MS Online Services).  We ran the LsaLookupCacheMaxSize fix here: https://support.microsoft.com/en-us/kb/2535191.  This did not resolve the issue.  The other suggestions found online were to convert the MSOL Domain from Federated to Standard and back again.  While I’m sure this would have helped, the easier option was to remove the Relying Party trust from ADFS:
15-07-2015 11-42-41 a-m-
Followed by running the Update-MsolFederatioDomain -DomainName ourexternaldomain.co.nz
15-07-2015 11-42-23 a-m-
This then placed an updated/correct copy of the Relying Party trust into our ADFS server which resolved the issues!

About AJ McKean

Based in sunny Tauranga, New Zealand, AJ McKean is a Senior Systems Engineer in Mt Maunganui. With over 15 years of professional IT experience working in both New Zealand and the United States, he holds several certifications including MCSE(2000-2003), MCITP:Enterprise(2008), MCSA(2012), VMware VCP-DCV5.5, CompTIA A+ & is an HP Storage Architect. He is passionate about all things IT, especially virtualization, automation & cloud technologies.

Leave a Reply

Your email address will not be published. Required fields are marked *