On the “ Server Role” page, we need to specify which to configure. Ok, launch “ AdfsSetup.exe” and then accept the license agreement. And while we’re at it, we also need to download the latest update for ADFS 2.0 RTW, which currently is Update 2. We need to download a separate package from the Internet. It’s not the ADFS component included with Windows Server 2008 R2 that we need to install. With the two ADFS servers configured in a WNLB cluster and the required certificate imported, it’s time to get the ADFS 2.0 RTW component installed and configured on both servers. Repeat the above steps on the second ADFS server. In ” Add Site Bindings”, select ” HTTPS” in the ” Type” drop-down box and then point at the imported certificate under ” SSL certificate”.įigure 6: Adding a new site binding for HTTPS To do so, expand ” Sites” then select the ” Default Web Site” and click on the ” Bindings” link in the ” Action Pane”.įigure 5: Clicking “Bindings” under Sites in IIS Manager Next step is to bind the certificate to the “ Default Web Site”. Point to the certificate you wish to import and then specify the password, then click ” OK”.įigure 3: Pointing to the certificate we wish to importĪs can be seen in Figure 4, the certificate has now been imported to IIS. Under Server Certificates, click ” Import” in the action pane as shown in Figure 2.įigure 2: Clicking “Import” under Server certificates in the IIS Manager To import the certificate, open the IIS Manager and select the web server object and then open “ Server Certificates” in the middle pane.įigure 1: Selecting Server Certificates in IIS Manager If you use a single name certificate, the FQDN included should match the FQDN we configured in the previous article (in this example ). Although we use a wildcard certificate in this article series, a single name SSL certificate is sufficient.
Because all clients should trust this certificate, it’s recommended to import a certificate from a 3rd party certificate provider.
Since all client authentication against ADFS occurs via SSL, we need to import a server authentication certificate on each ADFS server.
Let’s get going… Importing the Server Authentication Certificate into IIS After we have configured the servers, we will verify they work as expected. That is we will install and configure Active Directory Federation Service (ADFS) 2.0 on the two ADFS servers on the internal network. In this part 3, we will continue where we left off in part 2. In part 2 of this multi-part articles series revolving around Exchange hybrid deployment based migrations to Office 365 or more precisely Exchange Online, we configured the two ADFS servers in a Windows Network Load Balancing (WNLB) cluster in order to load balance incoming authentication sessions. Configuring an Exchange Hybrid Deployment & Migrating to Office 365 (Exchange Online) (Part 13)
0 kommentar(er)
