Hi All,

I have a SP2013 environment which authenticate users using ADFS 2.0 via Windows AD. We have two separate clients, Portal and Mobile. Portal users Passive Federation where as Mobile client uses Active Authentication with usernamemixed endpoint in ADFS. 

I have an AD property which stores Unicode characters. In Active Authentication via Mobile, for a user who has a Unicode value in the AD property, I can get the SAML token successfully from ADFS. 

Ex : <saml:AttributeValue>espaol</saml:AttributeValue>

However, when I post this SAML token to SharePoint _trust endpoint, I'm getting an error "500 Internal Server error". However for the same user, if I change the AD property value from "espaol" to "English" then I can get the FedAuth cookie successfully from the _trust endpoint. 

Also, for the same user, If I logged in via Portal which uses Passive Federation, then it's working fine.

Really appreciate your thoughts on this.

Hi Supun,

I am trying to involve someone familiar with this topic to further look at this issue.There might be some time delay, appreciate your patience.

Thanks,
Daniel Yang