SharePoint Web Apps and single ADFS Relying Party Trust

Question

I have a big doubt in how to make the following configuration work correctly.

I have 2 SharePoint farms, one application per each farm:

1. Dev Enviroment - My web app (dev version) https://url.comdev
2. Prod Environment - My web app (prod version) https://url.com

The two applications are identical and both environment are accessed by users coming a unique Active Directory (we don't have a dev user domain).

I have asked the creation of two relying party trust in an existing ADFS and I have configured a standard trusted token issuer on SharePoint. I was given a single relaying party trust configured in the following way:

WS Federation Passive Endpoint: https://url.com/_trust/

Identifiers:

• https://url.com/_trust/
• https://url.comdev/_trust/
• uri:sp:url.com
• uri:sp:url.comdev

Given $ap* my SP Identity Trusted Token Issuers, my configuration was in Prod:

$id1 = "urn:sp:url.com"
$uri1 = new-object System.Uri("https://url.com")
$ap_prod.ProviderRealms.Add($uri1, $id1)
$ap_prod.Update()

And in Dev:

$id2 = "urn:sp:url.comdev"
$uri2 = new-object System.Uri("https://url.comdev")
$ap_dev.ProviderRealms.Add($uri2, $id2)
$ap_dev.Update()

Such configuration was not working in Dev, after sts authenitcation I was redirected to https://url.com/trust/.

Searching online I discovered the parameter UseWReplyParameter, and I run command only the following only in Dev:

$ap_dev.UseWReplyParameter = $true
$ap_dev.Update()

The configuration not seems working. Is this correct or do I have to configure the same way also the Prod farm? Which are the potential problem if I don't. Thank you!!

Answer 1

What i am thinking, You need the separate ADFS packages for each farm.I dont think it is recommend way to use the single package for two farm.

With in Single farm, you can do it the way you are implementing using the usewreplyparameter.