On the machine that will be the federation server:
Install the Web Server (IIS) role;
Open IIS;
Click Server Certificates, click Import, and import your certificate.
Import your certificate and close.
Restart IIS: iisreset /noforce
Before you start, install .NET Framework 3.5.
Click Specify an alternate source path.
Once that is done, open PowerShell and install ADFS.
Add-WindowsFeature ad-federation-services
Depending on the version, Microsoft changes the name of the service; you can check it with Get-WindowsFeature.
Afterwards, open the ADFS console.
Click ADFS Federation Server Configuration Wizard,
Select Create a new Federation Service,
Select New federation server farm,
Select your certificate.
Following best practices, you must create an account for the service.
Review the summary, then, click Next.
After the installation, check that it completed successfully.
Now, please download Microsoft Online Services Sign-In Assistant
and the Windows Azure Active Directory Module for Windows PowerShell (download it from the Microsoft Online Portal).
First, install Microsoft Online Services Sign-In Assistant.
Restart your server.
Now, install Windows Azure Active Directory Module for Windows PowerShell.
Click Next;
If you accept the License Terms, select I accept the terms in the License Terms and click Next.
Select the install location and click Next.
If you are ready, please, click Install.
Ok! You have completed the installation.
OK. Now open the Windows Azure Active Directory Module for Windows PowerShell and connect to Office 365.
$livecred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
Set-ExecutionPolicy RemoteSigned -Force
Import-PSSession $Session
Connect-MsolService -Credential $livecred
Sign in with the @*.onmicrosoft.com account.
OK, you are now connected to your domain in PowerShell.
Now you need to set the ADFS server.
Set-MsolADFSContext -Computer computer_name
OK, next you will convert your domain. I assume that you have already created your tenant and activated your domain. I will use the -SupportMultipleDomain option so that, in the future, I can federate more domains in the same tenant.
Convert-MsolDomainToFederated -DomainName your_domain -SupportMultipleDomain
You will receive the message: Successfully updated 'your_domain' domain
I then ran:
Update-MsolFederatedDomain -DomainName your_domain -SupportMultipleDomain
Then I check with the following command:
Get-MsolDomain -DomainName your_domain
The Authentication column will show Federated.
Release your session:
Remove-PSSession $Session
In the ADFS console, the Relying Party Trust has been created.
Done!
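A check that could follow the conversion, as an added example that is not part of the original post: it takes the objects returned by Get-MsolDomain and Get-MsolFederationProperty and reports whether the domain is Federated and whether ADFS and Office 365 agree on the federation service and its token-signing certificate. Test-O365FederationState is a hypothetical helper name, the sample objects are constructed, and the property names are assumed to match what the MSOnline cmdlets return.

```powershell
# Test-O365FederationState is a hypothetical helper, not an MSOnline cmdlet.
function Test-O365FederationState {
    param(
        [Parameter(Mandatory)] $Domain,               # object from Get-MsolDomain
        [Parameter(Mandatory)] [object[]] $FedProps,  # objects from Get-MsolFederationProperty
        [int] $WarnDays = 30                          # expiry warning threshold
    )
    $issues = @()
    # 1. The conversion must have switched the domain away from Managed.
    if ($Domain.Authentication -ne 'Federated') {
        $issues += "Authentication is '$($Domain.Authentication)', expected 'Federated'"
    }
    # 2. Both sides of the trust must describe the same federation service.
    #    Assumption: one entry has Source 'ADFS Server', the other 'Microsoft Office 365'.
    $adfs = $FedProps | Where-Object { $_.Source -eq 'ADFS Server' }
    $o365 = $FedProps | Where-Object { $_.Source -eq 'Microsoft Office 365' }
    if (-not $adfs -or -not $o365) {
        $issues += 'Federation properties are missing for one side of the trust'
    } else {
        if ($adfs.FederationServiceIdentifier -ne $o365.FederationServiceIdentifier) {
            $issues += 'Federation service identifier differs between ADFS and Office 365'
        }
        if ($adfs.TokenSigningCertificate.Thumbprint -ne $o365.TokenSigningCertificate.Thumbprint) {
            $issues += 'Token-signing certificate differs; run Update-MsolFederatedDomain'
        }
        $daysLeft = ($adfs.TokenSigningCertificate.NotAfter - (Get-Date)).Days
        if ($daysLeft -lt $WarnDays) {
            $issues += "Token-signing certificate expires in $daysLeft day(s)"
        }
    }
    [pscustomobject]@{ Domain = $Domain.Name; Healthy = ($issues.Count -eq 0); Issues = $issues }
}

# Constructed sample objects (not real output); the thumbprints deliberately differ.
$cert = { param($tp, $days) [pscustomobject]@{ Thumbprint = $tp; NotAfter = (Get-Date).AddDays($days) } }
$domain = [pscustomobject]@{ Name = 'your_domain'; Authentication = 'Federated' }
$props  = @(
    [pscustomobject]@{ Source = 'ADFS Server'; FederationServiceIdentifier = 'http://sts.example.test/adfs/services/trust'
                       TokenSigningCertificate = & $cert 'AAAA1111' 300 },
    [pscustomobject]@{ Source = 'Microsoft Office 365'; FederationServiceIdentifier = 'http://sts.example.test/adfs/services/trust'
                       TokenSigningCertificate = & $cert 'BBBB2222' 300 }
)
Test-O365FederationState -Domain $domain -FedProps $props

# Against the live tenant, after Connect-MsolService and Set-MsolADFSContext:
# Test-O365FederationState -Domain (Get-MsolDomain -DomainName your_domain) `
#     -FedProps (Get-MsolFederationProperty -DomainName your_domain)
```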