Why is AD FS 2016 executing this SQL query?

MFA evaluation can happen at global level

https://docs.microsoft.com/en-us/archive/blogs/ramical/under-the-hood-tour-on-multi-factor-authentication-in-adfs-part-1-policy

Check the MFA settings via Get-AdfsAdditionalAuthenticationRule. They might have rules defined to use that attribute store.

https://docs.microsoft.com/en-us/powershell/module/adfs/get-adfsadditionalauthenticationrule?view=windowsserver2022-ps


The issue turned out to be a custom rule that was added to the Active Directory claims provider trust. So, every application that used Active Directory for claim rules would have that rule executed, which then queried the database, even if the application didn't need that value.

So, I removed that claim rule from Active Directory. Here is a screenshot where I found the rule.
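
The two answers above point at different places a rule can live: the global additional authentication rules and the acceptance rules on a claims provider trust. The following read-only PowerShell sketch is an added example, not code from either answer; it searches both, plus every relying party trust, for rules that reference one attribute store. The store name `SQLAttributeStore` is a placeholder assumption, and the match relies on the claim rule language's `store = "..."` clause.

```powershell
# Added example: list every AD FS claim rule that queries a given attribute store.
# Run on an AD FS server; it only reads configuration.
param(
    # Assumption: display name of the SQL attribute store in AD FS. Replace with yours.
    [string]$StoreName = 'SQLAttributeStore'
)

Import-Module ADFS

# Claim rules reference an attribute store as: store = "Name"
$pattern = 'store\s*=\s*"' + [regex]::Escape($StoreName) + '"'

function Find-StoreRule {
    param([string]$Scope, [string]$Trust, [string]$RuleSet, [string]$RuleText)
    if ([string]::IsNullOrWhiteSpace($RuleText)) { return }
    $current = '(unnamed rule)'
    foreach ($line in $RuleText -split "`r?`n") {
        # Track the most recent @RuleName header so a hit can be attributed to its rule.
        if ($line -match '@RuleName\s*=\s*"([^"]*)"') { $current = $Matches[1] }
        if ($line -match $pattern) {
            [pscustomobject]@{ Scope = $Scope; Trust = $Trust; RuleSet = $RuleSet; Rule = $current }
        }
    }
}

$hits = @(
    # Acceptance rules on a claims provider trust (including "Active Directory")
    # run for every sign-in through that provider, whatever the application.
    Get-AdfsClaimsProviderTrust | ForEach-Object {
        Find-StoreRule 'ClaimsProviderTrust' $_.Name 'AcceptanceTransformRules' $_.AcceptanceTransformRules
    }
    # Per-application rule sets on each relying party trust.
    Get-AdfsRelyingPartyTrust | ForEach-Object {
        $rp = $_
        foreach ($set in 'IssuanceTransformRules', 'IssuanceAuthorizationRules', 'AdditionalAuthenticationRules') {
            Find-StoreRule 'RelyingPartyTrust' $rp.Name $set $rp.$set
        }
    }
    # Global MFA trigger rules.
    Find-StoreRule 'Global' '(all)' 'AdditionalAuthenticationRules' (Get-AdfsAdditionalAuthenticationRule).AdditionalAuthenticationRules
)

$hits | Sort-Object Scope, Trust, RuleSet, Rule -Unique | Format-Table -AutoSize
```

A hit under `ClaimsProviderTrust` means the store is queried on every authentication through that provider, which is the situation the second answer describes.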