alex alexandre
asked on
In place upgrading ADFS Windows Server 2008 R2 -> 2012 R2
This weekend I upgraded my ADFS to Windows 2012. I know it isn't best practice. ADFS stopped working. I made a copy before the upgrade; everything is up and running now. I'm wondering, does anyone else here have experience with this and know of a way to get the new ADFS to start working again on the new server? Any help would be greatly appreciated.
Thanks
Some error messages would be helpful
ASKER
The connection to Active Directory Federation Services 2.0 server failed due to invalid credentials.
Did you go through the top 5-10 Google results?
The process is pretty straightforward and is explained in the article below:
https://blogs.technet.microsoft.com/canitpro/2015/02/17/step-by-step-migrating-ad-fs-2-0-to-ad-fs-3-0-for-office365-single-sign-on/
However, there are a few caveats you must be aware of before you proceed:
You must create the new ADFS farm with the same service FQDN as the previous one, with the same service account as used with ADFS 2.0.
Once you have deployed the primary ADFS, you must depend on hosts file entries while installing the secondary ADFS servers and proxy; otherwise, when adding the 2nd server to the farm, it can point to the old ADFS server farm and setup can fail.
ASKER
I created the new ADFS farm with the same service FQDN and now I am getting this error: An error occurred during an attempt to set the SPN for the specified service account. Set the SPN for the service account manually. For more information about setting the SPN of the service account manually, see the AD FS Deployment Guide. Error message: The SPN required for this Federation Service is already set on another Active Directory account. Choose a different Federation Service name and try again.
Did you use the same service account that the ADFS 2.0 service is running as?
ASKER
Yes, I used the same service account as ADFS 2.0, and I am planning on retiring the 2.0 once I have 3.0 working.
ASKER
A WS-Trust endpoint that was configured could not be opened.
Additional Data
Address: https://adfs.insightcu.local/adfs/services/trust/2005/windowstransport
Mode: WindowsTransport
Error:
MSIS0006: A Service Principal Name is not registered for the AD FS service account.
I try to manually create the SPN and I am getting "duplicate SPN found, aborting operation".
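An added example, not part of the original thread: a read-only PowerShell check for which Active Directory account currently holds the `host/` SPN that the MSIS0006 and "duplicate SPN" errors above refer to. The service account name `svc-adfs` is a placeholder, the function name `Find-SpnHolder` is made up for this example, and the script assumes a domain-joined machine and searches only the current domain.

```powershell
# Federation service name taken from the endpoint address quoted in the thread.
$FederationServiceName = 'adfs.insightcu.local'
# Placeholder: sAMAccountName of the AD FS service account (not given in the thread).
$ExpectedAccount       = 'svc-adfs'

function Find-SpnHolder {
    param([Parameter(Mandatory)][string]$Spn)

    # LDAP matching on servicePrincipalName is case-insensitive,
    # so HOST/... and host/... are both found. Current domain only.
    $searcher = [adsisearcher]"(servicePrincipalName=$Spn)"
    $searcher.PageSize = 500
    foreach ($name in 'samaccountname', 'distinguishedname', 'objectclass') {
        [void]$searcher.PropertiesToLoad.Add($name)
    }

    foreach ($hit in $searcher.FindAll()) {
        $account = [string]$hit.Properties['samaccountname'][0]
        [pscustomobject]@{
            Spn      = $Spn
            Account  = $account
            # objectClass is multi-valued; the last value is the most specific
            # class (user, computer, msDS-GroupManagedServiceAccount, ...).
            Class    = [string]@($hit.Properties['objectclass'])[-1]
            DN       = [string]$hit.Properties['distinguishedname'][0]
            Expected = ($account -eq $ExpectedAccount)
        }
    }
}

# AD FS uses host/<federation service name> as its SPN.
$spn     = "host/$FederationServiceName"
$holders = @(Find-SpnHolder -Spn $spn)

if ($holders.Count -eq 0) {
    "No account in the current domain holds $spn"
} else {
    # Any row with Expected = False is the account the setup wizard is complaining about.
    $holders | Format-Table -AutoSize -Wrap
}

# Cross-check with the built-in tool: -Q queries for one SPN, -X lists duplicates.
setspn -Q $spn
setspn -X
```

Nothing here modifies the directory; it only reports the holder, including whether it is a user or a computer object, so the SPN can then be moved deliberately.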