In this article, we will discuss the Post-Deployment of Active Directory Federation Service (ADFS) in Windows Server. Active Directory Federation Service (AD FS) enables Federated Identity and Access Management by securely sharing digital identity and entitlements rights across security and enterprise boundaries. Please see Guide on federating ADFS with Azure Active Directory, Concept of Active Directory Computer Account, and “Pass-Through Authentication Authentication and ADFS environment setup on Hyper-V for Hybrid Identity integration“.
ADFS extends the ability to use single sign-on functionality that is available within a single security or enterprise boundary to Internet-facing applications to enable customers, partners, and suppliers a streamlined user experience while accessing the web-based applications of an organization.
Please see “How to delete ADFS Windows Internal Database without access credentials“, how to Enable Autologon and Autostart for user session, and How to Edit Windows Hosts File via PowerToy Editor Utility.
ADFS Post Configuration
Follow the steps below when you have successfully installed ADFS in Windows Server environment. Here is how to install ADFS to ensure proper post-deployment configuration.
Under the Post-deployment Configuration, click on configure the federation service on this server. This is an essential part of post-deployment of Active Directory Federation Service (ADFS).
On the Connect to AD DS window, specify the domain credentials to connect to the AD DS. This step is critical in the post-deployment process of Active Directory Federation Service (ADFS).
Under Specify Service Properties, Select the federation Name and the SSL certificate you imported into the certificate store. This task forms a critical aspect of the post-deployment of Active Directory Federation Service (ADFS).
Under the Specify Service Account. This message is prompted as part of the post-deployment configuration of ADFS.
See how to create a KDS root key using PowerShell. Creating root keys is an important step in the post-deployment of ADFS.
Use the Manage Service Account created yourdomain\gMSA. Click on Next and Next again.
On the Review Options page, click on next as well. This will lunch the pre-requisite check.
If everything goes well, a pre-requisite success window is displayed as part of the post-deployment checker for Active Directory Federation Service (ADFS).
Click on Configure, this will display the installation progress bar and when complete display a result window as shown below. Completing this will ensure successful post-deployment of ADFS.
Click on Close as shown above.
You can now launch the AD FS Management Console from the tool as shown below.
I hope you found this article very useful. Please let me know via the comment session if you require additional information.
