Setting up ADFS Servers – Part 1


If you are looking for AD FS setup for Windows Server 2012 to the NEW Office 365 (wave 15), then please check out this series of posts.

Complete Series:

Getting to know the NEW Office 365


In the previous step we added and verified your external domain with Office 365. That was the first step in federating AD with Microsoft and Office 365.

In order to enable SSO there are a few more steps that need to be completed. In this post we will cover installing ADFS and federating with Office 365.

Before you try to set up federation it’s always a good idea to document your solution. This will make it a lot easier to achieve your end goal.

This will be the end goal architecture for setting up ADFS, ADFS Proxies and Directory Synchronization.


  1. Base build ADFS01 and ADFS02 with Windows Server 2008 R2 SP1 (Standard or Enterprise)


  2. Add the servers to the local domain and assign static IP addresses from your internal network (192.168.0.x)


  3. If you are using an internal domain name that doesn’t match the domain that you federated with Office 365, you will have to add a custom UPN suffix that matches that external namespace


  1. Internal Domain – contoso.local
  2. External Domain –

UPN Suffix will need to be added for

If you need to add the UPN suffix, please follow these instructions.

This post assumes that you have matching internal and external name spaces or that you have added the UPN suffix
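
An added example (not from the original post): a PowerShell check, using the ActiveDirectory module, of whether the forest already has the external UPN suffix and which enabled users still carry a different one. `example.com` is a placeholder for the external domain, and the `-AddSuffix` switch is a name chosen for this example.

```powershell
# Added example: audit UPN suffixes before federating.
# Read-only unless -AddSuffix is passed.
param(
    # Placeholder: replace with the external domain you verified in Office 365.
    [string]$ExternalSuffix = 'example.com',
    # Hypothetical switch for this example: add the suffix if it is missing.
    [switch]$AddSuffix
)

Import-Module ActiveDirectory

$forest = Get-ADForest

# Suffixes usable in a UPN: every domain in the forest plus any alternative suffixes.
$known = @($forest.Domains) + @($forest.UPNSuffixes)

if ($known -notcontains $ExternalSuffix) {
    Write-Warning "UPN suffix '$ExternalSuffix' is not defined in forest $($forest.Name)."
    if ($AddSuffix) {
        Set-ADForest -Identity $forest.Name -UPNSuffixes @{ Add = $ExternalSuffix }
        Write-Output "Added UPN suffix '$ExternalSuffix'."
    }
} else {
    Write-Output "UPN suffix '$ExternalSuffix' is available."
}

# Enabled users whose UPN is missing or does not end in the external suffix.
$mismatched = Get-ADUser -Filter 'Enabled -eq $true' -Properties UserPrincipalName |
    Where-Object { $_.UserPrincipalName -notlike "*@$ExternalSuffix" }

Write-Output "$(@($mismatched).Count) enabled user(s) have a UPN that does not end in @$ExternalSuffix"
$mismatched | Sort-Object UserPrincipalName |
    Select-Object SamAccountName, UserPrincipalName, DistinguishedName |
    Format-Table -AutoSize
```

Run it from a domain-joined machine with the AD PowerShell module installed; the list it prints will include service and built-in accounts, which do not need the external suffix.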

  1. Create a domain service account for use with ADFS 2.0 RTW. It only needs to be a regular user account; make sure to set the password not to expire.


  2. While logged into ADFS01 and ADFS02 with an administrator account open the Microsoft Online Admin Portal ( and log in with a global administrator account.


  3. Click Downloads on the right-hand side of the page.


  4. Click the ‘Set up’ button from ‘Set up and configure your Office and desktop apps’


  5. The application will launch


  6. Sign in with an account that has Global Admin rights on the Office 365 Account


  7. Uncheck any applications that are checked so that only the ‘Microsoft Online Services Sign-in Assistant’ will be installed


  8. Accept the agreement to start the install


  9. Click Finish


  10. Download ADFS 2.0 RTW on ADFS01 and ADFS02, making sure that you select the edition that matches the operating system on the ADFS server.


Install ADFS 2.0 RTW on ADFS01

  1. Double click the file that you just downloaded to launch the install


  2. Click Next on the Welcome Screen


  3. Accept the License Agreement


  4. Server Role Option screen, select Federation Server


  5. Click ‘Next’ and walk through the rest of the install process. This will install all the required operating system components and set up the ADFS site in IIS:
    1. Windows Identity Foundation
    2. .NET Framework 3.5 SP1
    3. Internet Information Services (IIS)
    4. Windows PowerShell 2.0


  6. When the install is finished, uncheck ‘Start the ADFS 2.0 Management Snap-in’ and click ‘Finish’


The Complete Series of Posts


  1. Open Office 365 Account and Sign up for the E Plan Trial
  2. Add and Verify the primary SMTP domain
  3. Setting up ADFS Servers with Windows NLB
    1. Part 1
    2. Part 2
    3. Part 3
    4. Part 4


  4. Setting up ADFS Proxy Servers with Windows NLB
    1. Part 1
    2. Part 2


  5. Setup Directory Synchronization to Office 365

  6. Force AD Synchronization with Office 365

Thanks for visiting and reading my posts. I am always looking for more ideas. Please comment or email me with what you would like to see.

Kelsey Epps

Office 365 MVP
