Multiple ADFS 3.0 Farms Single Site/Single Domain

  • Question

  • We have a current ADFS farm setup that we use for internal use only and mainly for SSO into a home-grown app. We are now looking at moving to O365 and I would like to stand up another ADFS farm to use for O365. Essentially I want to separate ADFS farms for different apps, i.e. home-grown vs O365. What are the caveats, if any, and is this best practice?
    Friday, December 8, 2017 9:56 PM


  • You can have multiple farms in the same ADDS domain. The only caveat is that both farms will share the same Device Registration Service configuration (the configuration is stored in the configuration partition, so all ADFS farms of the forest would share the same). If you are not using the DRS service, no caveat at all as long as URL and URIs of both farms are different.

    Note that you can also use the existing one... Or you can also not use ADFS at all if you want and use the Azure AD Seamless SSO: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-sso

    Tuesday, December 12, 2017 3:20 PM
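
Added example, not part of the thread: one way to check the "URL and URIs of both farms are different" condition from the answer above by comparing the two farms' federation metadata documents. The metadata snippets, host names and identifiers are constructed for illustration; the check does not cover the shared DRS configuration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD_NS = "{urn:oasis:names:tc:SAML:2.0:metadata}"
SSO = ('<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">'
       '<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" '
       'Location="https://%s/adfs/ls/"/></IDPSSODescriptor>')

def sample_metadata(identifier, host):
    """Build a constructed, trimmed-down metadata document for a hypothetical farm."""
    return ('<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="%s">'
            % identifier) + (SSO % host) + "</EntityDescriptor>"

FARM_APP = sample_metadata("http://sts.example.test/adfs/services/trust", "sts.example.test")
FARM_O365 = sample_metadata("http://sts-o365.example.test/adfs/services/trust",
                            "sts-o365.example.test")
# Misconfigured second farm: reuses the first farm's identifier and host name.
FARM_CLASH = sample_metadata("http://STS.example.test/adfs/services/trust/", "STS.example.test")

def farm_identity(metadata_xml):
    """Return (normalised identifier, set of endpoint host names) for one farm."""
    root = ET.fromstring(metadata_xml)
    if root.tag != MD_NS + "EntityDescriptor":
        raise ValueError("not a SAML EntityDescriptor")
    hosts = set()
    for element in root.iter():
        location = element.get("Location")
        host = urlsplit(location).hostname if location else None
        if host:
            hosts.add(host)  # urlsplit() already lower-cases the host
    # Lower-casing and trimming the slash is deliberately strict: near-duplicates count as clashes.
    return root.get("entityID", "").rstrip("/").lower(), hosts

def collisions(first_xml, second_xml):
    """List the identifier and endpoint hosts that two farms have in common."""
    id_a, hosts_a = farm_identity(first_xml)
    id_b, hosts_b = farm_identity(second_xml)
    found = ["identifier: " + id_a] if id_a == id_b else []
    return found + ["endpoint host: " + h for h in sorted(hosts_a & hosts_b)]

if __name__ == "__main__":
    print(collisions(FARM_APP, FARM_O365))
    print(collisions(FARM_APP, FARM_CLASH))
```

An empty list means the two farms have distinct identifiers and endpoint host names.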