We have a local non-routable domain mycompany.local environment and all the AD users has additional mycompany.com.au suffix. AD Sync with Office365 is working via Azure AD connector currently.
We own the mycompany.com.au domain. I am planning to user adfs.mycompany.com.au as Federation Service Name
Is there any step by step guide for this scenario? I couldn't find much around the internet.
I have few questions that I couldn't find the answer yet.
Q1. Can I install ADFS on the non-routable server ADFS01.mycompany.local? if yes, what would be necessary steps to follow?
Q2. Can I install Web Application proxy on the non-routable server ADFS02.mycompany.local and use port forwarding to route traffic from adfs.mycompany.com.au to internal IP address of ADFS02.mycompany.local?
Q3. Can I use domain CA to generate the certification for ADFS to use? Do I just put both adfs.mycompany.com.au and ADFS01.mycompany.local on the certification?
Any recommendation would be much appreciated.