Forum Discussion
Entra Connect Health for ADFS Agent Quantity
Hi there,
We are looking at installing the Entra Connect Health for ADFS agent to monitor our ADFS infrastructure.
Do we have to install the agent on *every* server in the farm (as in all the servers running the ADFS service, we have 3)? Or just one agent on the *primary* farm server?
The documentation is a little vague on this point.
It seems clear the WAP servers are separate, just not if all farms servers need an agent.
So if we install on all farm servers, we then need 25 Entra P1/P2 licences per agent install, so 75 in our case?
Thanks
Chris
- LeonPavesicSilver Contributor
Hi chris1160,
You only need to install the Entra Connect Health for AD FS agent on one server in the farm. It doesn't matter if you install it on the primary farm server or another server in the farm.
The agent will monitor all of the servers in the farm, regardless of where it is installed.
You will need to purchase a Microsoft Entra P1 or P2 license for each agent you install.
So in your case, you would need three licenses.
Install the Microsoft Entra Connect Health agents in Microsoft Entra ID - Microsoft Entra | Microsoft LearnPlease click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
(LinkedIn)- chris1160Copper ContributorThank you! I will try and install on one of the farm servers now then.
- govindagoudBrass Contributor
you need to install the agent on every server in the farm that is running the ADFS service. This is because the agent collects data from the ADFS event logs and performance counters on each server and sends it to the Entra Connect Health service. If you only install the agent on one server, you will not get a complete picture of your ADFS health and performance.
You also need to install the agent on each Web Application Proxy server that is connected to your ADFS farm. The agent will collect data from the Web Application Proxy event logs and performance counters and send it to the Entra Connect Health service as well.
As for the licensing, you need to have a Microsoft Entra ID P1 or P2 subscription for each user account that is used to install and configure the agents. You also need to have a Microsoft Entra ID P1 or P2 license for each user account that accesses the Entra Connect Health portal or API. You do not need to have a license for each agent installation. For more information,
Below docs says need to install in each of on-prem identify server.