ADFS & ADFS Proxy over multiple sites for SSO on Office 365

Last Modified: 2014-08-21
Hi

We are trying to set up a hybrid setup for Exchange 2013 and Office 365 - as well as using SSO.

We would like the ADFS machines to be fault tolerant and spread out over 2 physical sites for extra redundancy.

I have attached a diagram of the server setup over the 2 sites.

My questions are:
How do we set up the NLB over 2 sites (with different IP ranges)?
What would the public DNS be pointing to for the STS address?
What would the internal DNS be pointing to for the STS address?

Please also note that the external domain and internal domain are the same (e.g., domain.com is the public domain, and domain.com is the domain used for AD) - not sure if that makes a difference.

Thanks

Steve

Commented:
True active/active setup between different sites is hard to achieve, costly and, in general, not necessary. If you are interested in such a setup, you can review, for example, this thread: http://social.msdn.microsoft.com/Forums/vstudio/en-US/80220b1c-d024-4f51-af9e-f38c4fe19c31/adfs-high-geo-redundancy?forum=Geneva