locked
ADFS Disaster recovery guide RRS feed

Answers

  • There is a new tool available for a quick and easy backup/restore: AD FS Rapid Restore Tool https://technet.microsoft.com/en-us/windows-server-docs/identity/ad-fs/operations/ad-fs-rapid-restore-tool 

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Sunday, October 2, 2016 4:09 PM
  • ADFS key components: Certificate, AD containers, and the database. For the 1st one, make sure you have a backup of the SSL cert. For the second, ensure you properly backup AD. For the last one, if it is a WID database, a BMR backup of the ADFS server is just fine (note that it will also backup SSL certs' private keys). If you are using SQL, a SQL backup...

    For the WAP, I would say not to bother. Rebuild it if needed (it is just one powershell cmdLet anyway).


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.


    Thursday, May 26, 2016 11:57 PM

All replies

  • ADFS DR really depends on your farm, and if you are using SQL or WID for your DB, and the types of certificates used for ADFS

    Cheers,

    Jorge de Almeida Pinto

    Principal Consultant | MVP Directory Services | IAM Technologies

    COMMUNITY...:

    DISCLAIMER: This post is provided "AS IS" with no warranties of any kind, either expressed or implied, and confers no rights! Always evaluate/test yourself before using/implementing this!

    Thursday, May 5, 2016 8:40 PM
  • I like to know what kind is AD FS disaster recovery plan/procedure with most common case. ADFS 2012R2 farm (two ADFS servers in domain) use WID database and two 2012R2 WAP servers in DMZ.

    -Ari

    Tuesday, May 24, 2016 9:02 AM
  • ADFS key components: Certificate, AD containers, and the database. For the 1st one, make sure you have a backup of the SSL cert. For the second, ensure you properly backup AD. For the last one, if it is a WID database, a BMR backup of the ADFS server is just fine (note that it will also backup SSL certs' private keys). If you are using SQL, a SQL backup...

    For the WAP, I would say not to bother. Rebuild it if needed (it is just one powershell cmdLet anyway).


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.


    Thursday, May 26, 2016 11:57 PM
  • Does this help?

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Thursday, June 2, 2016 1:47 PM
  • There is a new tool available for a quick and easy backup/restore: AD FS Rapid Restore Tool https://technet.microsoft.com/en-us/windows-server-docs/identity/ad-fs/operations/ad-fs-rapid-restore-tool 

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Sunday, October 2, 2016 4:09 PM