Install ADFS in Server 2019 Step by step: ADFS (Active Directory Federation Services) is a single sign-on solution for users, built by Microsoft. ADFS runs on Windows Server and uses claims-based authentication. It addresses a variety of business scenarios where the typical authentication mechanisms used in an organization do not work.

Prerequisites:

  1. SSL certificate
  2. ADFS service account
  3. ADFS namespace
  4. SQL Database (optional)

Installation:

  1. Install the ADFS role from ‘Server Manager’ or using ‘PowerShell’.
  2. Open the ADFS configuration wizard by clicking the Notification icon in ‘Server Manager -> Dashboard’.
  3. Connect to AD DS: Provide the credentials of a domain admin to proceed with the installation and click ‘Next’.
  4. Specify Service properties: Import the SSL certificate from its location; the Federation Service name is then populated automatically. Provide the display name for the sign-in page. I’m using a self-signed certificate for this demo.
  5. Specify Service Account: Enter an existing service account or create a new service account for ADFS.
  6. If you get the error ‘KDS root has not been set’, run the following command to troubleshoot.
  7. Specify database: By default, the ADFS configuration wizard installs and uses the internal database. A SQL database can be used instead of the internal database.
  8. Review options: Review the selections and click ‘Next’.
  9. Pre-requisites Checks: The ADFS configuration wizard validates the prerequisites; click ‘Configure’ once the checks pass.
  10. Congratulations! ADFS is now successfully configured.
  11. Verification of ADFS installation:
    1. https://<adfs.domainname.com>/federationmetadata/2007-06/federationmetadata.xml
    2. https://<adfs.domainname.com>/adfs/fs/federationserverservice.asmx
    3. Another way to verify is to open the ‘IdpInitiatedSignon’ page in a browser. This page is disabled by default in Server 2016 and Server 2019 installations. To enable it, execute the following command in PowerShell, then browse to the URL below it.

Set-AdfsProperties -EnableIdpInitiatedSignonPage $True

https://<adfs.domainname.com>/adfs/ls/IdpInitiatedSignon.aspx
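
The wizard steps above can also be run from PowerShell, as step 1 mentions. The script below is an added example, not the author's own; the display name, the gMSA name and the backdated KDS root key (a lab shortcut) are assumptions, the host name is the post's placeholder, and it assumes an elevated session run as a domain admin.

```powershell
# Added example: scripted equivalent of the wizard steps. Placeholder values are assumptions.
$FederationName = 'adfs.domainname.com'   # ADFS namespace (the post's placeholder host)
$DisplayName    = 'Example Sign-In'       # hypothetical sign-in page display name
$Gmsa           = 'EXAMPLE\svc-adfs$'     # hypothetical group managed service account

# Step 1: install the ADFS role.
Install-WindowsFeature -Name ADFS-Federation -IncludeManagementTools

# Step 4 pre-flight: pick a certificate from the machine store that has a private key,
# is not expired, and lists the federation service name as a DNS name.
$cert = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object {
        $_.HasPrivateKey -and
        $_.NotAfter -gt (Get-Date) -and
        $_.DnsNameList.Unicode -contains $FederationName
    } |
    Sort-Object -Property NotAfter -Descending |
    Select-Object -First 1
if (-not $cert) { throw "No usable certificate for $FederationName in LocalMachine\My" }

# Step 6: a gMSA needs a KDS root key in the forest. Backdating the effective time
# skips the 10-hour replication wait and is a lab shortcut only (assumption: single-DC lab).
if (-not (Get-KdsRootKey)) {
    Add-KdsRootKey -EffectiveTime ((Get-Date).AddHours(-10))
}

# Steps 3-9: configure the first farm node. No -SQLConnectionString means the
# internal database (WID) is used, as in step 7.
Install-AdfsFarm `
    -CertificateThumbprint $cert.Thumbprint `
    -FederationServiceName $FederationName `
    -FederationServiceDisplayName $DisplayName `
    -GroupServiceAccountIdentifier $Gmsa `
    -Credential (Get-Credential -Message 'Domain admin credentials')

# Step 11: verify the metadata endpoint and report the IdP-initiated page setting.
# A self-signed certificate must be trusted on this machine or the request fails.
$uri  = "https://$FederationName/federationmetadata/2007-06/federationmetadata.xml"
$resp = Invoke-WebRequest -Uri $uri -UseBasicParsing
[pscustomobject]@{
    MetadataStatus      = $resp.StatusCode
    IdpInitiatedEnabled = (Get-AdfsProperties).EnableIdpInitiatedSignonPage
}
```

Outside a lab, create the KDS root key with `Add-KdsRootKey -EffectiveImmediately` and allow the replication wait before the gMSA is created. Leave the IdP-initiated sign-on page disabled unless it is needed for testing.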


By AMARNATH K

AM@RNATH is a technology specialist primarily focused on Microsoft Technologies & Cloud Security. His certifications include M365 Certified: Enterprise Admin Expert. He loves to explore things, from the latest technologies to cooking new recipes. He is from Chennai, in the southern part of India. Lucky son, friendly husband, and a proud father who loves to spend time with his family & friends when the laptop is not on his table.

2 thoughts on “Install ADFS in Server 2019 Step by step”
  1. Hello Amar, I have followed all your steps. But verification step 2, ‘https:///adfs/fs/federationserverservice.asmx’, shows Service Unavailable, HTTP Error 503. Also, I have enabled ‘IdpInitiatedSignOn’ and I can see the page, which says Sign In. But when I sign in with the domain admin account, it throws the error ‘The Webpage cannot be found’.
    I checked that all the services related to ADFS are working fine. BTW, I have installed Server 2019 on an AWS VPC. Please provide any suggestions.
