This error is related with the error in ADFS 2.0 in the post: https://sharepointrescue.wordpress.com/2015/11/05/adfs-2-0-chrome-users-repeteadly-prompted-for-credentials/
But in this case we are working with ADFS 3.0 so we don’t use IIS anymore, but there are other default settings working against Our Chrome users, so lets have a look at what we need to change.
Chrome only uses NTLM Authentication, so first we need to allow this by setting the ExtendedProtectionTokenCheck to None.
Set-ADFSProperties –ExtendedProtectionTokenCheck None
Then we need to alter the current list of supported user-agents for NTLM, which basicly means we need to allow Chrome within the list of browser we want to support. Get the list over allready supported browsers:
Get-ADFSProperties | Select -ExpandProperty WIASupportedUserAgents
It will show a list of supported browser which by default is:
Then we add all these and Chrome, or to be Clear, we add what ADFS think Chrome is:
Set-ADFSProperties -WIASupportedUserAgents @(“MSIE 6.0″, “MSIE 7.0″, “MSIE 8.0″, “MSIE 9.0″, “MSIE 10.0″, “Trident/7.0″, “MSIPC”, “Windows Rights Management Client”, “Mozilla/5.0“)
Which is Mozilla v5.0, then restart the Active Directory Federation Service to use the changes.