Hello,
I have been practicing my upgrade from 2013 to 2016 and everything seems to be going pretty well, except for user's getting adfs errors when they try to login to the 2016 imported org.
If I disable ADFS, then they seem to be able to login fine. The real key for me is that I found a way to "fix" their users.
Basically, I have 3 migration servers. 1 is 2013 sp1, 1 is 2015, and the last is 2016. The 2016 is where the org will finally rest. As part of building my migration servers I created default orgs on all of these systems. That was a requirement to even install dynamics on a new server. Let's call this org on the 2016 server "default2016org". Let's call my original 2013 prod org/db "2013prod"
When I finally get my "2013prod" imported all the way to my 2016 server, users have problems. They get a generic ADFS error on the new 2016 server. Well, all user's except mine. I finally realized that my user was a member of the "default2016org". So, as a test, I put the imported users on my now upgraded "2013prod" org into the "default2016org" and they could suddenly login to the "2013prod" org.
My Guess is that the imported users are not part of the right funky groups that get created with every Dynamics build, and therefore are getting denied access, until I put them in the default org, which adds them to those groups.
My question is, how do I avoid this issue? I have never found a great way to import users from one org to another, and I'm not sure that I want to leave the "default2016org" around or have to add all the users to it. I also have a suspicion that any new users I add to the upgraded "2013prod" org won't work unless I add them to the "default2016org"
thanks
