ADFS – Web Application Proxy 2016 Installation & Configuration

Prepare two Windows 2016 servers with Windows Updates. Dont join them to the domain. Installing Web Application Proxy Let’s fire up the Add Roles Wizard from Server Manager As noted in the previous post, there is no longer a separate AD FS proxy role in Windows 2016.  The Remote Access feature provides VPN, Direct Access and Web Application Proxy (WAP) functionality.  It is the latter that we need to install. Select Remote Access Unless you want to add any features, like telnet * for troubleshooting purposes later, click next. The […]

Read More →

ADFS – Active Directory Federation Services 2016 Installation & Configuration

Install and prepare two servers (adfs01/02.domain.com) 2016 with windows updates and join them to your domain. Determine the namespace that you will use for your ADFS (adfs.domain.com) Follow up the next step for completion. Service accounts As recommended by Microsoft,  a Group Managed Service Account (gMSA) has been created for managing the ADFS service. Specify which server will be permitted to use the service account. $server1 = Get-ADComputer “adfs01” $server2 = Get-ADComputer “adfs02” get-ADServiceAccount -identity SRVC_ADFS | set-adserviceAccount -DNSHostName SRVC_ADFS.domain.com -PrincipalsAllowedToRetrieveManagedPassword $server1, $server2   Certificate preparation Before the installation, you […]

Read More →