How To Create A LAB of ADFS Servers

1. The document discusses how to create an Active Directory Federation Services (ADFS) lab with two Windows Server 2012 R2 servers - one configured as the ADFS server and certificate authority, and the other configured as the Web Application Proxy (WAP) server. 2. It provides instructions for installing and configuring the ADFS role on one server, including steps for obtaining and installing an SSL certificate. 3. It then describes how to export the ADFS certificate and trusted root certificate to the WAP server, install the WAP role, and configure the WAP to proxy authentication requests to the ADFS server.

Uploaded by Disha1

How to create a LAB of ADFS servers.

My lab has two servers running Windows Server 2012 R2:

1. MICUADFS
2. MICUADFP

MICUADFS is the domain controller as well as the certificate authority and ADFS server, and
MICUADFP has the Web Application Proxy (WAP) role.

How to create the lab

Install the ADFS role on the server

1. Install and configure the Active Directory role on the server, and configure DNS as well.
2. Install the Active Directory Certificate Authority role and configure it with the default settings
(just click Next through the wizard).
3. Install the ADFS role on the server and configure it as per the steps below.
- Open IIS Manager → go to Server Certificates → double-click Server Certificates and go to
the domain certificate option.
- The certificate window opens. Fill in the CN, such as sts.micu.tech, and the other
required details. Once all details are filled in, keep the default settings and click Next
through the wizard.
- Open the certificate manager and check that the new certificate is present.
- Open the ADFS configuration wizard and click Next.
- Give the domain account name and password and click Next.
- In this window, choose the certificate, give the federation service name "sts.micu.tech"
and the display name Micu Pvt Ltd, and click Next.
- Give the ADFS service account name and password and click Next.
- Choose the database where you would like to store the configuration. It can be the local
database or a SQL database. Once you have selected the database, click Next.
- The configuration wizard checks all prerequisites.
- Once the prerequisite check completes, the Configure button becomes available. Click Configure.

Install the ADFP Web Application Proxy role

1. Open the certificate manager on the ADFS server and give the ADFS service account
svc_adfs permission on the private key: right-click the certificate → All Tasks → Manage Private Keys →
add the service account and give it Read permission.
2. Once you have given the permission, export the certificate with its private key, and the trusted
root certificate of the CA.
3. After exporting the certificates from the ADFS server, go to the WAP server, open Server
Manager and import both certificates, into the Personal store and the Trusted Root store.

Note: If the trusted root certificate is not installed on the WAP server, configuring the WAP role
fails with a TLS/SSL connection error.

4. Install the WAP role: open the Add Roles and Features wizard → choose Remote Access, Web
Application Proxy.
5. Open the configuration wizard and click Next → give the federation service name sts.micu.tech and
the service account name you gave when configuring ADFS, such as SVC_ADFS.

Note: The service account should have domain admin rights. Give the name without the domain name,
such as SVC_ADFS, and the password.

6. Once you have given the service account name and password, click Next.
7. Choose the certificate, click Next, then Configure.
8. Once WAP is configured, publish the rule.
9. Click Publish.
10. Choose Pass-through, give the internal and external URLs, such as sts.micu.tech, and click Publish.
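
A pre-flight check for the WAP server, to run after the certificate import in step 3 and before the wizard in step 5; it tests the condition the trusted-root note warns about. This is an added example, not part of the original document: the function name Test-WapCertReadiness is hypothetical, and the TCP 443 probe assumes the proxy reaches the ADFS server by the name sts.micu.tech.

```powershell
# Added example: run in an elevated PowerShell session on the WAP server (MICUADFP).
# Test-WapCertReadiness is a hypothetical helper name; sts.micu.tech comes from the lab above.
function Test-WapCertReadiness {
    param([string]$FederationServiceName = 'sts.micu.tech')

    # Certificates in the machine Personal store whose DNS names include the service name
    $candidates = @(Get-ChildItem Cert:\LocalMachine\My |
        Where-Object { $_.DnsNameList.Unicode -contains $FederationServiceName })
    if ($candidates.Count -eq 0) {
        Write-Warning "No certificate for $FederationServiceName in LocalMachine\My (step 3 import missing?)"
        return
    }

    # Assumption: the proxy resolves the service name to MICUADFS and reaches it on TCP 443
    $tcp443 = (Test-NetConnection -ComputerName $FederationServiceName -Port 443 `
        -WarningAction SilentlyContinue).TcpTestSucceeded

    foreach ($cert in $candidates) {
        # Build the chain without revocation checks: a lab CA's CRL may be unreachable from the proxy
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        $chain.ChainPolicy.RevocationMode =
            [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
        $chainOk = $chain.Build($cert)

        # The last chain element is the CA root only if every issuer was found
        $top = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate
        $rootInStore = Test-Path "Cert:\LocalMachine\Root\$($top.Thumbprint)"

        $now = Get-Date
        [pscustomobject]@{
            Thumbprint      = $cert.Thumbprint
            Subject         = $cert.Subject
            HasPrivateKey   = $cert.HasPrivateKey   # False: the export in step 2 left out the key
            InValidity      = ($now -ge $cert.NotBefore -and $now -le $cert.NotAfter)
            ChainTrusted    = $chainOk              # False with UntrustedRoot or PartialChain: import the CA root
            RootInRootStore = $rootInStore
            ChainStatus     = (($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', ')
            AdfsReachable   = $tcp443
        }
    }
}

Test-WapCertReadiness | Format-List
```

A row with HasPrivateKey, ChainTrusted and RootInRootStore all True means both imports from step 3 landed in the right stores.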
