locked
Backup-ADFS - Best practice? RRS feed

  • Question

  • I found the very useful ADFSRapidRecreationTool for backing up AD FS.

    Is it recommended to have daily backup or only when AD FS Configuration have change?

    If I would run my backup script daily via task scheduler I would have put in the EncryptionPassword in clear text, or is there another way of doing this?

    This tool doesn't backup the web application proxy configuration. How can I achieve this?


    • Edited by 1.FreddyD Tuesday, October 24, 2017 4:45 AM
    Monday, October 23, 2017 7:03 AM

All replies

  • You could create the backup script in a folder protected by a DACL and only the SYSTEM and admin can access it. That way the command line of the scheduled task will not have the password clear text. The script will though :/ But protected by DACL :)

    You don't need to backup the WAP server, they configuration is stored in the ADFS database. No need to restore a WAP server, you just reinstall a brand new one if you need to "replace" one.


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Thursday, October 26, 2017 2:43 PM