Hi Friends, today I am going to show you how to install and configure the Active Directory Federation Services in Windows 2016 Server. I know there are many articles available in ADFS installation however you may like it since it’s a kind of re-installation of the ADFS role.
As a pre-requisite we will go to the DNS server and create an A record for adfs.whyazure.in, also we will request a public certificate with the subject name of adfs.whyazure.in, in case you want to use this ADFS server in public domain, please also create a CNAME record in the public DNS server which will be pointed to adfs.whyazure.in
For the ADFS installation in the first step please open the server manager, select the server roles and select the Active Directory Federation Services as shown here.
Click on Next
Click on Next
Select the AD Federation Services Role
Once you click next you will find this.
It will install the ADFS role in the server.
Click on next and you can find the confirmation screen
Click on the install button as shown above
Here you can find that the ADFS services has been installed
Since the installation is over now some Action Items are pending for us
Now the action item is to configure the ADFS Server which we have just installed.
Click on the create the first federation server in a federation server farm
Now enter the credential, I wanted to add here that the certificate I have used here is a public certificate.
Now you have to select an SSL certificate as you can see above, in next step we need to configure the service account for ADFS server management
Click on next, in this step you need to specify the configuration database, I have selected a windows database.
This step is important in case you wanted to uninstall the ADFS server for reason in this server and install it again, in this case you will hit with an error here.
To get rid of this error you need to check the overwrite existing AD FS configuration database and click on next
Now you can review your configuration as shown above.
As you can see that all the prerequisite checks are completed you can click on configure to complete the installation.
In this step it will validate the SSL certificate
We don’t have SAN entry in the certificate which is called certauth.adfs.whyazure.in, so there is a warning you can see below but it’s not a show stopper for us.
However it has been configured correctly with the subject name of the certificate, which is adfs.whyazure.in, and that is enough to complete our configuration, as you can see in the results. I hope you have liked this post. In my next post, I will show you how to configure O365 with the ADFS server in a very detail step by step procedure.