2 Domain Controllers with AD running I want to setup ADFS 2.0 on same domain on a file server.

  • Question

  • I have a similar question. I have two 2016 DCs w/AD mirrored in production. I want to test Salesforce SSO that needs Federation Services 2.0 + running. I have one 2012 file server on the same domain and want to add ADFS to it for testing some other apps. Will it conflict or break something?

    Microsoft AD FS 2.0 supports the SAML 2.0 protocol. When AD FS 2.0 is set up as a Salesforce identity provider, users can log in to Salesforce using single sign-on (SSO). To do:

    1. The user authenticates to the AD FS server using Integrated Windows Authentication (Kerberos tokens over HTTP) and requests login to Salesforce.
    2. AD FS returns a SAML assertion to the user’s browser.
    3. The browser submits the assertion to Salesforce, which logs the user in.

    Here are the high-level steps to create a test deployment.

    • Install Microsoft AD FS 2.0
    • Configure AD FS and your Salesforce environment

    Thanks ahead!!


    Tuesday, January 1, 2019 5:37 AM
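
    The three-step flow quoted in the question, seen from the service provider's side, as an added example that is not part of the original post: it decodes the form field the browser submits in step 3 and checks issuer, audience and validity window. The host names, the audience value and the sample assertion are constructed assumptions, and the sketch only reports whether a signature element is present; it does not verify it against the AD FS token-signing certificate.

```python
import base64
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample of what step 2 hands to the browser (unsigned, hypothetical names).
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml:Assertion>
  <saml:Issuer>http://adfs.example.test/adfs/services/trust</saml:Issuer>
  <saml:Subject><saml:NameID>user@example.test</saml:NameID></saml:Subject>
  <saml:Conditions NotBefore="2019-01-01T05:30:00Z" NotOnOrAfter="2019-01-01T06:30:00Z">
   <saml:AudienceRestriction><saml:Audience>https://saml.salesforce.com</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
 </saml:Assertion>
</samlp:Response>"""
SAMPLE_POST = base64.b64encode(SAMPLE_XML.encode()).decode()  # step 3: SAMLResponse form field

def _ts(value):
    # Drop fractional seconds and the trailing Z; SAML timestamps are UTC.
    return datetime.strptime(value[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def check_assertion(saml_response_b64, expected_issuer, expected_audience, now):
    """Return a list of problems found in the posted assertion (empty list = none found)."""
    # ElementTree is fine for this constructed input; use a hardened parser for untrusted XML.
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    assertion = root.find("a:Assertion", NS)
    if assertion is None:
        return ["no Assertion element (it may be encrypted)"]
    problems = []
    if assertion.find("ds:Signature", NS) is None and root.find("ds:Signature", NS) is None:
        problems.append("unsigned")
    if assertion.findtext("a:Issuer", default="", namespaces=NS).strip() != expected_issuer:
        problems.append("issuer mismatch")
    audiences = [e.text.strip() for e in assertion.iterfind(".//a:Audience", NS) if e.text]
    if expected_audience not in audiences:
        problems.append("audience mismatch")
    cond = assertion.find("a:Conditions", NS)
    if cond is None or not cond.get("NotBefore") or not cond.get("NotOnOrAfter"):
        problems.append("no validity window")
    elif not (_ts(cond.get("NotBefore")) <= now < _ts(cond.get("NotOnOrAfter"))):
        problems.append("outside validity window")
    return problems
```

    In a test deployment, an "outside validity window" result usually points at clock skew between the AD FS server and the service provider.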

All replies

  • Hiya,

    First off, should always mention, don't test stuff on your production environment.

    That said, you should be fine. File server services and ADFS shouldn't have any conflicts.

    If you find it to be working, you should consider creating a new server for that type of workload.

    Wednesday, January 2, 2019 7:32 AM
  • As Jesper mentioned, not always a good idea to test on a production system.

    Also keep in mind that Server 2012 supports ADFS 2.1. 

    ADFS 2.0/2.1 is outdated, a suggestion might be to go to 3.0 or higher. I believe Salesforce supports this and you can reach out to them to verify.

    Most important, you will also need ADFS certificates.

    Isaac Oben MCITP:EA, MCSE, MCC

    Wednesday, January 9, 2019 5:34 AM