Posted on

Deploy ADFS Windows Server 2012 R2

In the machine that will federation Server:

Install WebServer;

01

02

03

Open IIS;

04

Click Server Certificates, click Import, and import you certificate.

05

Import your certificate and close.

Restart IIS: iisrestart /noforce

So, before start, install .NET Framework 3.5.

06

Click in Specify an alternate source path

07

08

09

10

Done, open PowerShell and install ADFS.

Add-WindowsFeature ad-federation-services

Depending of the version, Microsoft change the names of the service, you can check with  Get-WindowsFeature

11

After, open ADFS console.

Click ADFS Federation Server Configuration Wizard,

12

 Select Create a new Federation Service,

13

Select New federation server farm,

14

Select your certificate.

15

16

The Best practices, you must create an account to the service.

17

Review the summary, then, click Next.

18

After install, check if you had successfully.

19

Now, please download Microsoft Online Services Sign-In Assistant

And Windows Azure Active Directory Module for Windows PowerShell – Baixar do Portal Microsoft Online.

First, install Microsoft Online Services Sign-In Assistant.

20

21

Restart your server.

22

Now, install Windows Azure Active Directory Module for Windows PowerShell.

23

Click Next;

24

If you accept the License Terms, select I accept the terms in the License Terms and click Next.

Select the install location and click Next.

25

If you are ready, please, click Install.

26

Ok! You have completed the installation.

27

Ok. Now open Windows Azure Active Directory Module for Windows PoweShell and connect with Office 365.

$livecred = Get-Credential

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic –AllowRedirection

Set-ExecutionPolicy RemoteSigned -Force

Import-PSSession $Session

Connect-MsolService -Credential $livecred

Enter with the account @*.onmicrosoft.com

28

29

Ok, you are in your domain into PowerShell.

Now you need set the ADFS Server.

Set-MsolADFSContext Computer computer_name

30

OK, then, you will convert your domain. I understand who you already create your tenant and active your domain. I will use the option –SupportMultipleDomain, if in the future, I can federated more domains in the same tenant.com

Convert-MsolDomainToFederated DomainName your_domain –SupportMultipleDomain

31

You will receive the message: Sucessfully updated ‘your_domain’ domain

I used run

Update-MsolFederatedDomain –DomainName your_domain –SupportMultipleDomain

32

So, I will check with the follow command:

Get-MsolDomain DomainName your_domain

In Authentication, will Federated.

33

Release your session:

Remove-PSSession $Session

And in ADFS Console, Relaying Party Trusts was created.

34

 Done!

//

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s