Jorge's Quest For Knowledge!

All About Identity And Security On-Premises And In The Cloud – It's Just Like An Addiction, The More You Have, The More You Want To Have!

«
»

(2014-03-11) Converting An ADFS StandAlone Installation To An ADFS Farm Installation

Posted by Jorge on 2014-03-11


In ADFS v2.0 (on W2K8 or W2K8R2) and ADFS v2.1 (on W2K12) you configure ADFS in StandAlone mode. As you may know when ADFS is installed in StandAlone mode you cannot add additional ADF STS instances. The StandAlone mode SHOULD/MUST NOT be used for production purposes! However, if you made a mistake and you would like to have ADFS in Farm instead to be able to install additional ADFS STS instances, you need to convert it first from StandAlone mode to Farm mode. That’s basically done by changing the ADFS service account from "Network Service" to a custom AD user account. To be able to do that you need to use the PowerShell script available in this post.

Your starting point with this is therefore that you have 1 ADFS STS server in StandAlone mode that will be converted to Farm mode.

After starting the script, you need to confirm with a capital C and press ENTER

image_thumb[61]

Figure 1: Starting The PowerShell Script And Confirm Its Execution

As an operation mode, select option 2 (Final Federation Server), which means a writable federation server.

image_thumb[66]

Figure 2: Selecting The Operation Mode

At some point provide the new service account in the form <domain>\<account> and also specify its password

image_thumb[74]

Figure 3: Providing A New Service Account And Executing The Script To Change All Components Accordingly

The script continues….

If everything goes OK you will see something similar as below

image_thumb[76]

Figure 4: Executing The Script To Change All Components Accordingly Including Any Post Samples – In This Case NONE

However if something goes WRONG you will see something similar as below

image

Figure 5: Executing The Script To Change All Components Accordingly Including Any Post Samples – In This Case 2 Post Samples

To migrate the database from WID to SQL see: AD FS 2.0: Migrate Your AD FS Configuration Database to SQL Server

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

This entry was posted on 2014-03-11 at 06:22 and is filed under Active Directory Federation Services (ADFS), Farm, StandAlone. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “(2014-03-11) Converting An ADFS StandAlone Installation To An ADFS Farm Installation”

  1. (2014-02-25) Gathering Architectural Details From Your ADFS Infrastructure – ADFS StandAlone Or ADFS Farm « Jorge's Quest For Knowledge! said

    2014-03-11 at 06:25

    […] One important thing to remember is that when you install ADFS in StandAlone mode, you CANNOT add an additional ADFS STS instance. Multiple ADFS STS instances are only possible when installing ADFS in Farm mode! It is possible to "Convert" ADFS in StandAlone mode to ADFS in Farm mode? Yes it is! See this blog post! […]

    Like

    Reply

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

«
»