ADFS 3.0 and SS0 for Google Chrome

Hello Microsoft Team,

We recently deployed ADFS 3.0 in house to allow SSO with a service provider called Service Now. We do have multiple ADFS internal servers in a farm and db hosting on a SQL shared cluster and multiple WAP servers in the DMZ zones

So far, everything works well, my AD users can access the cloud application using IE with SSO, however using chrome system prompts for enter credentials.

After further investigation, I found that we may need to disable extended protection in ADFS as per links below

The issue is not unique to Service-Now but actually a known issue with ADFS disabling Extended Protection should allow for authentication.  

http://jackstromberg.com/2014/03/adfs-v3-on-server-2012-r2-allow-chrome-to-automatically-sign-in-internally/

Disable Extended Protection in ADFS

https://social.technet.microsoft.com/Forums/en-US/6948e92d-1789-480d-99c1-08ee94a522cd/adfs-3-server-2012-r2-and-chrome?forum=winserverDS

Details pertaining to extended protection

https://msdn.microsoft.com/en-us/library/dd639324(v=vs.90).aspx

Proof that the product supports this feature:

https://community.servicenow.com/thread/158681

Can you please validate if the steps on the link are accurate? Any service impact to existing ADFS?

Can you please elaborate why we need to disable Extendend protection in ADFS to allow SSO for Chrome?

Any gotchas, concerns, about following this?

Franki