Solution Attempt 2

ADFSCustomAuth.dll Update (Language/LCID Error Fix)

Purpose: Replace the custom MFA provider (agent) DLL on AD FS with the updated DLL to prevent errors caused by unsupported language codes (LCIDs).

Preparation and Critical Warnings

  • Authority: All operations must be performed in a PowerShell session opened with Administrator privileges.

  • Backup: A backup of the currently working ADFSCustomAuth.dll file must be taken.

  • File Download: Before starting the process, download the current DLL package from the link below and copy it to the AD FS server where the ARK2FA agent is installed (in an AD FS farm, perform the operations on the primary server).

  • Service Interruption Warning: During this process, the AD FS Service (adfssrv) will be stopped and restarted. During this time, users will not be able to perform SSO (Single Sign-On) login operations.

  • Backup Requirement: Do not proceed to the next step without backing up the existing files in the directory where the operation is performed.

STEP 1: Disabling the Provider

Since the existing DLL cannot be deleted while it is in use (Error code: PS0099), the provider must first be disabled in the AD FS interface.

  1. Open the AD FS Management console.

  2. Go to the Service > Authentication Methods menu.

  3. Click on "Edit Multi-factor Authentication Methods" from the right panel.

  4. In the Additional Authentication Methods tab, clear the check box next to Ark2FA.

  5. Close by clicking Apply and OK.

STEP 2: Deleting (Unregistering) the Current Provider

Run the following command in PowerShell (Administrator) to remove the old DLL registration from the system:

(Press Y if asked for confirmation. You should see the "Successfully unregistered" warning.)

STEP 3: Replacing the DLL File

The service must be stopped to avoid locking errors during file replacement.

  1. Stop the Service:

  2. File Replacement:

    1. Go to the folder: C:\Arksoft_ADFS

    2. Rename the old file to ADFSCustomAuth.OLD

    3. Copy the new DLL file to this folder.

STEP 4: GAC (Global Assembly Cache) Registration

The new DLL must be added to the Global Assembly Cache (GAC).

STEP 5: Verifying DLL Identity (Critical Step)

To avoid a Version or PublicKeyToken mismatch (which causes the "System cannot find the file" error), read the actual identity of the file:

The Version and PublicKeyToken values in the output of this command will be used in the next step.

STEP 6: Registering the New Provider

Start the service and register the provider with the correct identity values (Version and PublicKeyToken).

  1. Start the Service: (The Register command will fail if the service is not running)

    (Wait until the service has started.)

  2. Run the Register Command: (The Token and Version below are taken from our last successful operation)

  3. Verify: Restart the service and check that the provider appears in the list.

    If you see the line Name : OTP ADFS in the list, the process is technically complete.

STEP 7: Re-enabling the Provider (GUI)

As the final step, re-enable the setting that was disabled in STEP 1 so that users can use this system.

  1. Follow the path AD FS Management > Authentication Methods > Edit Multi-factor Authentication Methods.

  2. Check (Tick) the "OTP ADFS" box again in the Additional Authentication Methods tab.

  3. Click Apply and OK.

Result: The system is now active with the updated DLL (Code Fix: Try-Catch Language Patch). You can test it.
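The backup requirement and the identity check in STEP 5 can be scripted as a pre-flight check, run before STEP 1. This is an added example, not the vendor's own script. The download location, the backup file name, the expected SHA-256 value and the adapter class name are assumptions or placeholders that must be replaced with real values.

```powershell
# Added example (not vendor code): pre-flight checks before the DLL swap.
# Creates one backup file; makes no change to AD FS or the GAC.
$ErrorActionPreference = 'Stop'

$installDir  = 'C:\Arksoft_ADFS'                        # folder named in STEP 3
$currentDll  = Join-Path $installDir 'ADFSCustomAuth.dll'
$newDll      = 'C:\Temp\ADFSCustomAuth.dll'             # assumed download location
$expectedSha = '<SHA256-PUBLISHED-BY-VENDOR>'           # placeholder, not from this page
$adapterType = '<Namespace.AdapterClass>'               # placeholder, not from this page

function Get-AssemblyIdentity([string]$Path) {
    # Reads the manifest only; the assembly is not loaded into the session.
    $name  = [System.Reflection.AssemblyName]::GetAssemblyName($Path)
    $token = -join ($name.GetPublicKeyToken() | ForEach-Object { $_.ToString('x2') })
    [pscustomobject]@{
        Name           = $name.Name
        Version        = $name.Version.ToString()
        PublicKeyToken = $token
        FullName       = $name.FullName
        Sha256         = (Get-FileHash -Path $Path -Algorithm SHA256).Hash
        Signature      = (Get-AuthenticodeSignature -FilePath $Path).Status
    }
}

# 1. Back up the working DLL and confirm the copy is byte-identical.
$backup = Join-Path $installDir ('ADFSCustomAuth.dll.{0:yyyyMMdd-HHmmss}.bak' -f (Get-Date))
Copy-Item -Path $currentDll -Destination $backup
if ((Get-FileHash $backup).Hash -ne (Get-FileHash $currentDll).Hash) { throw 'Backup does not match the original.' }

# 2. Check the downloaded DLL before it is placed in the GAC.
$new = Get-AssemblyIdentity $newDll
if ($new.Sha256 -ne $expectedSha) { throw "Hash mismatch: $($new.Sha256)" }
if (-not $new.PublicKeyToken)      { throw 'No strong name; GAC registration will fail.' }
if ($new.Signature -ne 'Valid')    { Write-Warning "Authenticode status: $($new.Signature)" }

# 3. Compare old and new identity and build the type name string for STEP 6.
$old = Get-AssemblyIdentity $currentDll
$old, $new | Format-Table Name, Version, PublicKeyToken, Signature
$typeName = "$adapterType, $($new.FullName)"
"TypeName for Register-AdfsAuthenticationProvider: $typeName"
```

Building the string from the file itself, rather than reusing values from an earlier run, is what prevents the Version or PublicKeyToken mismatch described in STEP 5.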
