locked
Question about ADFS migration (move to new server) RRS feed

  • Question

  • Hi guys,

    We are planning to migrate the ADFS 3.0 server by using below approach

    -Add new ADFS 3.0 node (adding into the existing farm with the use of WID)

    There are few questions need to be clarified as below:-

    1. We will export the STS certificate (.PFX) from the existing ADFS server and import into new ADFS node.

        Do we need to export/import token-signing & token-decrypting certificate into the new ADFS as well?

    2. If not needed for No.1, will I be able to see token-signing & token-decrypting certificate in ADFS management console from new ADFS node after setting the new ADFS node as primary & existing ADFS node as secondary?

    3. I couldn't find the location of token-signing & token-decrypting certificate from MMC-->Certificates. Please can you let me know the exact location of those self-signed certificates (except from ADFS management console)?

    Appreciated is very much.

    Thanks.

       


    ken yap

    Thursday, July 13, 2017 12:09 PM

All replies

  • Follow steps as demonstrated in the blog for smooth migration. It has all the information you need.

    https://blogs.technet.microsoft.com/canitpro/2015/02/17/step-by-step-migrating-ad-fs-2-0-to-ad-fs-3-0-for-office365-single-sign-on/

    Friday, July 14, 2017 8:46 PM