I’ve run into the issue that users can’t login to Office365 because they’re unable to authenticate trough ADFS using Google Chrome. There is a Fix (or Workaround) if you like, by disabling Extended Protection. This could be done server side or client side, following these steps:
1. On the computer where the web browser is experiencing the issue, start Registry Editor (regedit), and locate the following subkey.
2. In the Lsa subkey, locate the SuppressExtendedProtection value. If the value does not exist, you must add it. To add the value, right-click Lsa, point to New, and then click DWORD (32-bit) Value. Type SuppressExtendedProtection, and then press ENTER.
3. Right-click SuppressExtendedProtection, click Modify, and enter 1 (REG_DWORD).
4. Click OK and close Registry Editor.