I have ADFS configured for High availability. 2 ADFS servers in Azure, 2 ADFS proxy in Azure, Dirsync in Azure, 2 DC's in Azure. All farmed, all virtual IP's. ON prem users are routed to web not over azure VPN.
When we reboot the On prem DC that holds the FSMO roles, No one can log into O365 on-prem or in the cloud. ADFS error is 1000,342,364. I tested by stopping the AD services on that DC and as fast as they stop so does access. Time sync in Azure is UTC and our on-prem is Eastern standard, so there is a 4 hour time difference, since most articles state those errors are time sync. Not sure if ADFS time should be on azure DC's or on-prem DC's?
Any idea why rebooting the primary DC on-prem shuts