Hyper V — Windows Server 2019 with ADFS — ADFS setup instructions

Karanbir Singh
4 min read · May 5, 2021

Continuing from the previous article here, which set up a local VM for Windows Server 2019, we will now go through the instructions for the ADFS setup.

Setup ADFS and required components

We need an SSL connection end to end, which requires SSL certs; we will use mkcert for that part.

Part 1 — Setup the IIS server.

1. Click on Add roles and features.

2. Nothing to change here; click Next.

3. Select the first option, as below:

4. Proceed by clicking on Next.

5. Select Web Server (IIS).

6. Proceed as below:

7. Click on install.

Part 2 — Install AD Domain service.

The steps are simple and follow the same pattern as the previous ones:

Add Roles and Features -> Next -> Next -> Install

Part 3 — Promote server to domain controller.

0. Prerequisites: follow the steps here to install mkcert, create the cert(s) and configure them in IIS.

1. Click on the notifications icon on the top left, then click on Promote this server to a domain controller.

2. Select the 3rd option (Add a new forest). Enter whatever Root domain name you want.

3. Set the password for the DSRM.

4. Enter the NetBIOS domain name. It can be anything, but user names will be based on it, in the form DOMAIN_NAME/USER.

5. Click on Install

The server will take some time to restart.

6. Next, a warning icon will appear in the notifications, as below.

Click on Configure the federation service on this server.

7. For most of us it will be Create the first federation server in a federation server farm.

8. On Connect to AD FS, click Next, and on the service properties screen import the certs, the same certs that were configured previously on IIS.

9. Give an appropriate service name here.

10. Enter the password that was configured previously for the Administrator.

11. For most of us doing a dev/local setup, it is going to be the first option.

12. Review the options and click Next.

Part 4 — Install ADFS on the server.

It is mainly Next, Next and Install.

The Configure step may not be required, but it should be straightforward enough.

Part 5 — Configure the hosts file

In the hosts file, add an entry for the domain that was configured for the ADFS server during the steps above.

The command to find the IP address of the VM using PowerShell (Administrator mode) is:

Get-VM -Name "MACHINE_NAME" | Select-Object -ExpandProperty NetworkAdapters
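
The script below is an added example, not part of the original article. It automates Part 5 from an elevated PowerShell on the Hyper-V host: it reads the VM's IPv4 address, writes a single hosts entry for the ADFS name and checks that port 443 answers. The host name `adfs.example.test` and the function names `Get-VmIPv4` and `Set-HostsEntry` are placeholders chosen for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example. Assumed values: replace with your own.
$VmName    = 'MACHINE_NAME'        # VM name as shown in Hyper-V Manager
$AdfsHost  = 'adfs.example.test'   # placeholder for the domain configured for ADFS
$HostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'

function Get-VmIPv4 {
    param([Parameter(Mandatory)][string]$Name)
    # IPAddresses is only populated while the guest is running with integration services.
    $adapters = Get-VM -Name $Name -ErrorAction Stop |
        Select-Object -ExpandProperty NetworkAdapters
    $adapters.IPAddresses |
        Where-Object { $_ -match '^\d{1,3}(\.\d{1,3}){3}$' -and $_ -notlike '169.254.*' } |
        Select-Object -First 1
}

function Set-HostsEntry {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$Ip,
        [Parameter(Mandatory)][string]$HostName
    )
    # Drop any earlier line that maps this name, so a changed VM IP leaves no stale entry.
    # A line listing several names is dropped whole; re-add its other names by hand.
    $pattern = '^\s*[^#\s]+\s+(\S+\s+)*' + [regex]::Escape($HostName) + '(\s|$)'
    $kept = @(Get-Content -Path $Path | Where-Object { $_ -notmatch $pattern })
    Copy-Item -Path $Path -Destination "$Path.bak" -Force   # backup of the previous file
    ($kept + "$Ip`t$HostName") | Set-Content -Path $Path -Encoding ASCII
}

$ip = Get-VmIPv4 -Name $VmName
if (-not $ip) { throw "No IPv4 address reported for VM '$VmName'. Is the guest running?" }

Set-HostsEntry -Path $HostsPath -Ip $ip -HostName $AdfsHost

# Confirm the name now resolves to the VM and that HTTPS is listening.
$check = Test-NetConnection -ComputerName $AdfsHost -Port 443 -WarningAction SilentlyContinue
"{0} -> {1}, TCP 443 open: {2}" -f $AdfsHost, $check.RemoteAddress, $check.TcpTestSucceeded
```

Re-run it whenever the VM gets a new address; the previous hosts file is kept next to the original as `hosts.bak`.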

Issues

1. Enable the IdP-initiated sign-on page property as below.

This is needed if you want to access the IdP-initiated URL, which is /adfs/ls/idpinitiatedsignon:

Set-AdfsProperties -EnableIdpInitiatedSignonPage $True

2. The following screen will appear only if the ADFS server was installed first and the domain controller etc. was set up later. No need to panic; the other steps can also be done later.

Feel free to get in touch with me for any issue around this one.
