Problem - Exchange 2019 CU15 & Modern Auth through on-prem ADFS

Question

Problem - Exchange 2019 CU15 & Modern Auth through on-prem ADFS

Romain 0

Hi,

I am trying to configure Modern Auth with my up-to-date Exchange 2019 CU15 DAG. Please note that I want to authenticate through my on-prem ADFS and not Office 365. Outlook version is Microsoft® Outlook® for Microsoft 365 MSO (Version 2506 Build 16.0.18925.20076) 64-bit.

I followed this tutorial: https://learn.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/enable-modern-auth-in-exchange-server-on-premises#how-will-modern-authentication-work-and-is-this-feature-applicable-to-me However, I am unable to get Outlook client to work with it.

More info: On client side, I added the few registry keys in the tutorial + others I found during my research:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\office\16.0\outlook\autodiscover DWORD: ExcludeExplicitO365Endpoit

HKEY_CURRENT_USER\Software\Microsoft\Exchange\ DWORD: AlwaysUseMSOAuthForAutoDiscover

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Common\Identity\ DWORD: EnableADAL

When I launch Outlook, the ADFS authentication window appears as expected. I enter my credentials, but then it spins indefinitely. If I add my account to a new profile, the same thing happens, except that I end up with error 62ubh (An error occurred).

Looking at the ADFS side, authentication works fine. There is no error log about it. If I run Fiddler on my computer, I can see that ADFS is sending me a valid token.

My Outlook calls https://adfs.myfakedomain.com/adfs/oauth2/authorize then https://adfs.myfakedomain.com/adfs/oauth2/token, but once the token is received, a new URL is called and ends with 404 error: https://adfs.myfakedomain.com/common/sso/progress?stage=Closing

I can't debug any further and understand what's happening. I don't know if it's the return URL sent by ADFS that's incorrect, or if it's my Outlook that doesn't understand the response from my ADFS and wants to close the SSO session. I don't understand why it doesn't move on to step 7 of the process (schema on the howto from Microsoft).

Based on my understanding, Outlook should now contact my Exchanges with the newly received tokens, right?

I would therefore appreciate your help in clarifying this for me.

1 answer

Your answer

Answer 1

Hi Romain
Thank you for reaching out to Microsoft Learn Q&A! Based on your description, I understand you're encountering a 404 error when the URL …/common/sso/progress?stage=Closing is called, along with an error code 62ubh after ADFS authentication in Outlook.

As a forum moderator, I want to acknowledge that we do not have access to a dedicated testing environment to replicate user-specific scenarios. However, driven by our mission to support users within the scope of our capabilities, I’d like to share some troubleshooting steps that may help you investigate further or provide more context around the issue:

+Verify Registry Keys
Please double-check that the three relevant registry keys are set to a value of 1, which ensures the feature is enabled.

+Review ADFS Relying Party Trust (RPT)
Ensure that the Relying Party Trust (RPT) includes the correct endpoints, valid claims rules (such as UPN and email), and a valid token-signing certificate. You can use the Get-AdfsRelyingPartyTrust command to review these settings. For more details, please refer to Get-AdfsRelyingPartyTrust (ADFS) | Microsoft Learn.

+Use Event Viewer
Check logs in Event Viewer to gather more information and identify any underlying issues.

+Restart Services
Restarting IIS and ADFS services is a general troubleshooting step that may help resolve temporary issues.

As mentioned, due to platform limitations, I’m unable to provide an exact solution without additional context. Your feedback is incredibly valuable and helps us improve the support we offer. If you have any updates or further questions, please don’t hesitate to reach out.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread

Vergil-V 2,115 Reputation points Microsoft External Staff Moderator

2025-08-07T10:40:38.9433333+00:00

Hi @Romain
Hope you're having a good day.
May I ask if there have been any updates regarding the issue of encountering a 404 error and error code 62ubh?
Have you had a chance to review the responses shared so far?
I’d appreciate any updates you can provide, and please let me know if there’s anything further I can do to assist.
Romain 0 Reputation points

2025-08-07T10:50:42.8766667+00:00

Hi, still in progress. I cannot find my issue.
Austin-H 3,555 Reputation points Microsoft External Staff Moderator

2025-08-12T02:11:13.7566667+00:00

Hi @Romain

Thank you for your information above. According to this issue, I would also like to understand more about your situation.

May I know if you were trying to sign-in with any other users - would the error message (62ubh) display the same?

May I know if you actually changed the registry as mentioned above to 0 or 1? Were there any differences after doing that?

Please have a look at ADFS Event viewer (Troubleshoot Active Directory Federation Services with events and logging | Microsoft Learn ) - Is it possible to collect any outcomes when doing the authentication?

Would you mind sending a piece of Fiddle or a screenshot of the issue? It's good if I could see a part of it to do a deeper research for you.

I am looking forward to your reply.

Share via

Problem - Exchange 2019 CU15 & Modern Auth through on-prem ADFS

1 answer

Your answer