Hi Alex,
Yes, opening all the ports on the DC and ADFS server is a necessary step to narrow down this problem. Further, we need to install the Netmon tools on both the DC and the ADFS server to see whether the "user query" can be successfully delivered and the result sent back.
I am also thinking about the SSO environment you are working on. If you are working in a purely test environment, I suggest you re-set up everything: a new DC and an ADFS server (the ADFS server is installed on a domain-joined computer), because redeployment will be faster than troubleshooting everything.
I found a very good video about how to set up the ADFS and DirSync servers. You can see the details via the link (Please visit the site to view this video).
Thanks,
Neo Zhu