locked
ADFS 2016 behind 2012 R2 Web Application Proxy RRS feed

  • Question

  • Can we use ADFS 2016 behind a 2012 R2 Web Application Proxy?

    Are there any features we would be missing?

    Thursday, November 10, 2016 2:35 PM

All replies

  • You can but you won't be able to raise the farm behavior level. This means that your farm will behave like an ADFS 2012 R2 farm until you get rid of all your ADFS 2012 R2 and raise the farm behavior level.

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Friday, November 11, 2016 2:43 PM
  • That is fine for now.

    I set this up, using ADFS 2016 and Web Application Proxy on server 2012 R2.

    I get this error on the proxy server when configuring the proxy:

    "Unable to retrieve proxy configuration data from the Federation Server."

    And in event viewer:

    Status Code:
    UpgradeRequired

    Exception details:
    System.Net.WebException: The remote server returned an error: (426) Upgrade Required.
       at System.Net.HttpWebRequest.GetResponse()
       at Microsoft.IdentityServer.Management.Proxy.StsConfigurationProvider.GetStsProxyConfiguration()

    It seems like maybe I can't use a 2012 proxy.

    Wednesday, November 16, 2016 9:19 PM
  • That is fine for now.

    I set this up, using ADFS 2016 and Web Application Proxy on server 2012 R2.

    I get this error on the proxy server when configuring the proxy:

    "Unable to retrieve proxy configuration data from the Federation Server."

    And in event viewer:

    Status Code:
    UpgradeRequired

    Exception details:
    System.Net.WebException: The remote server returned an error: (426) Upgrade Required.
       at System.Net.HttpWebRequest.GetResponse()
       at Microsoft.IdentityServer.Management.Proxy.StsConfigurationProvider.GetStsProxyConfiguration()

    It seems like maybe I can't use a 2012 proxy.

    Have you tried to reinstall the WAP-role after upgrade of ADFS to server 2016?

    In general I would like to recommend to use the same version on both proxy and internal adfs-server.
    But remember you also need to prepare/raise AD for be able to use all new features.

    Wednesday, November 16, 2016 9:58 PM
  • Both of these servers are built from scratch and not an upgrade. Yes it may be that they are not compatible but I can't find information anywhere.
    Thursday, November 17, 2016 2:22 PM