Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

ADFS 2.0 upgrade/migration ADFS 3.0

Posted on 2014-10-16
3
Medium Priority
?
3,141 Views
Last Modified: 2014-10-16
Hi All

I'm hoping someone here can help me. We currently have ADFS 2.0 in place running in a NTLM cluster. We are using our ADFS environment in a hybrid environment for office 365 and various other cloud services  but I'm now looking at the possibility of upgrading to ADFS 3.0.

My current environment is setup as follows.
2x ADFS proxy servers configured with NTLM
2x ADFS server configured with NTLM
1x Dirsync server

The questions I have are:
1. It there a upgrade or migration option from ADFS 2.0 to ADFS 3.0?
2. If no upgrade/migration is it possible to install an ADFS 3.0 environment in the same local domain?

Many thanks in advance
0
Comment
Question by:TazzEE
  • 2
3 Comments
 
LVL 1

Accepted Solution

by:
RSayadi earned 2000 total points
ID: 40384362
During the years I have learned to do a fresh install for these kind of migrations.
Note:
ADFS 2.0 = W2K8R2
ADFS 2.1 = W2K12
ADFS 3.0 = W2k12R2

In ADFS 3.0 there are a lot of changes. E.g. The proxy servers are replaced by WAP servers which have ADFS Proxy capability. But can do a lot more than that. Also there is no Stand alone installation possible. Therefore you have the option to install a new farm or ad a federation server to a existing farm.

I would do a fresh installation and decommission the 2.0 servers.  

Here is a great installation manual(Part 1,2,3):
http://blogs.technet.com/b/rmilne/archive/2014/04/28/how-to-install-adfs-2012-r2-for-office-365.aspx

Hope this helps
0
 

Author Comment

by:TazzEE
ID: 40384529
Hi RSayadi

Many thanks for the reply and I think the link has answered all of my follow up questions as well :)
The only thing I'm unclear about it when installing w2k12r2 ADFS server will I add it to the existing ADFS 2.0 farm or choose new?

thanks again for the great response!
0
 
LVL 1

Expert Comment

by:RSayadi
ID: 40384570
Hi TazzEE,

This is a trick question. I would choose a new farm and point it to the old database. But you have to take your farm naming into consideration. As the blog post states. "There can be only one"

If you have the freedom to choose a new name, choose a new farm installation. It will give you less issues.

Cheers,
Reza
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
In this article, I will demonstrate that how to do a PST migration from Exchange Server to Office 365. This method allows importing one single PST, or multiple PST's at once.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question