So you are all set, your ADFS 3 setup is running and you need to customize your login page to give it a look that matches your corporate brand.
By default your page will look something like this, with the default illustration and the default text header. (Colors are a bit fubar on this image)
Start by creating a new custom theme; this way you will always be able to revert to your default theme.
New-AdfsWebTheme -Name custom -SourceName default
Then make your new theme active
Set-AdfsWebConfig -ActiveThemeName custom
So far your theme looks just like the default theme.
Let's insert a company logo. Copy your logo to a location on your ADFS server; I use c:\adfstheme. Microsoft recommends size 260*35 @ 96 DPI for the logo.
Set-AdfsWebTheme -TargetName custom -Logo @{path="C:\adfstheme\logo2.png"}
Now you have a logo, and want to change the blue illustration on the left part of the screen.
Copy your new illustration to your ADFS server. Microsoft recommends size 1420*1080 @ 96 DPI for illustration graphics.
Set-AdfsWebTheme -TargetName custom -Illustration @{path="C:\adfstheme\illustration.png"}
So far everything has been done with out-of-the-box PowerShell commands, but you don't want users to have to enter credentials in a domain\username or username@domain.com format. You just want them to enter their username and password and hit Sign in. This needs custom code added to onload.js.
To access onload.js, you need to export your theme. Remember to edit to fit your domain.
Export-AdfsWebTheme -Name default -DirectoryPath C:\adfstheme
The onload.js file is now present in the c:\adfstheme\script folder.
Open onload.js in your preferred editor and add the following code.
// Check whether the loginMessage element is present on this page.
var loginMessage = document.getElementById('loginMessage');
if (loginMessage)
{
    // loginMessage element is present, modify its properties.
    loginMessage.innerHTML = 'Some useful message to explain what they need to enter, or re-enter after failed attempt';
}
// Remove the domain name requirement.
// Pressing Enter (keyCode 13) in the password box appends the UPN suffix and submits.
function runScript(e) {
    if (e.keyCode == 13) {
        AppendUPN();
        return Login.submitLoginRequest();
    }
}
var AppendUPN = function () {
    var userName = document.getElementById(Login.userNameInput);
    var lowerUserName = userName.value.toLowerCase();
    // Check to see if they already included the UPN.
    // The input is lowercased first, so write the suffix in lowercase here.
    var li = lowerUserName.lastIndexOf('@your_domain_name');
    if (li == -1)
    {
        userName.value = userName.value + '@your_domain_name';
    }
    return true;
}
// Clicking Sign in appends the UPN suffix and then submits the form.
document.getElementById('submitButton').onclick = function () { AppendUPN(); return Login.submitLoginRequest(); };
document.getElementById('passwordInput').onkeypress = runScript;
I also like to change the text in the Username box to fit a username-only logon. To do this I just add a last line of code to the above, and change "Text Here" to "Username".
document.getElementById("userNameInput").placeholder = "Text Here";
Save onload.js
Apply onload.js to your custom theme with this command.
Set-AdfsWebTheme -TargetName custom -AdditionalFileResource @{uri='/adfs/portal/script/onload.js';path="C:\adfstheme\script\onload.js"}
Now you have a custom branded login page on your ADFS.
There are also other customizations you can do, but these are the ones I use.
Sources for script, which I have not made but found on TechNet.
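The AppendUPN step above only recognises one exact suffix, so a user who types DOMAIN\username or a UPN with a different suffix gets a second suffix glued on. The following is an added example (not part of the original post or the TechNet script) of a variant that leaves already-qualified names alone; `normalizeUserName`, `appendUpn` and `UPN_SUFFIX` are hypothetical names, and `@your_domain_name` is the same placeholder used above.

```javascript
// Added example, not the original TechNet script.
// Placeholder suffix: replace with your own AD UPN suffix.
var UPN_SUFFIX = '@your_domain_name';

// Pure function, kept free of DOM access so it can be tested outside the browser.
// The rewrite is a sign-in convenience only; AD FS still validates the
// credentials on the server.
function normalizeUserName(raw, suffix) {
    var name = String(raw || '').trim();
    if (name === '') {
        return name;                 // nothing typed: let AD FS report the error
    }
    if (name.indexOf('\\') !== -1) {
        return name;                 // DOMAIN\user is already qualified
    }
    if (name.indexOf('@') !== -1) {
        return name;                 // user@suffix is already a UPN, whatever the suffix
    }
    return name + suffix;            // bare username: append the suffix once
}

// Rewrites the username field in place before the form is submitted.
function appendUpn() {
    var field = document.getElementById(Login.userNameInput);
    field.value = normalizeUserName(field.value, UPN_SUFFIX);
    return true;
}

// Wire up the handlers only on the AD FS sign-in page, where the page's own
// Login object and the form elements exist.
if (typeof document !== 'undefined' && typeof Login !== 'undefined') {
    var submitButton = document.getElementById('submitButton');
    var passwordInput = document.getElementById('passwordInput');
    if (submitButton && passwordInput) {
        submitButton.onclick = function () {
            appendUpn();
            return Login.submitLoginRequest();
        };
        passwordInput.onkeypress = function (e) {
            if (e.keyCode === 13) {  // Enter key
                appendUpn();
                return Login.submitLoginRequest();
            }
        };
    }
}
```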
Hi,
Great bit of work!
I am struggling to get the no domain name to work though. I know the script must be somewhat working as the login message bit is ok.
Any ideas?
Thanks
Hi
I think you need to use your full inside domain name, even though your public domain is cardinalheenan.com, you probably have a different name for your AD. Like domain.local, this is what goes into your onload.js var li = lowerUserName.lastIndexOf('@domain.local'); and the second line is userName.value = userName.value + '@domain.local';
\\morten
Hmm, I’m sure this worked at some point but I’ve tried putting this before and after the default text in the onload.js file and it always causes a “script error” when accessing ADFS 3.1. Even just adding the small script to change the “someone@example.com” to “Username” causes a script error.
Hi Cody
This post was written with no code highlight, so I think you just have to correct ” if you copy code from this page.
As far as if MS update breaks this, I have no idea. I don't have this in production and I have not worked with ADFS for a while 🙂 Mainly a Citrix dude…
\\morten
A space got left out
“varAppendUPN=function()”
should be
“var AppendUPN=function()”
Hi,
Are users still able to log in if they enter their username and domain, i.e. Username@domain.com?
Thanks
No, well not using the script as it auto appends the domain name on so you end up with it twice.
Please try “userName.value = userName.value + '\@domain.local'”, “\” is necessary.