Domain Controller and AD FS Upgrade from Windows Server 2008 R2

Install-WindowsFeature ADFS-Federation -IncludeManagementTools

1. Configure AD FS:
   • Run the AD FS Configuration Wizard and choose to Create the first federation server in a new federation farm.
   • Ensure you have the necessary SSL certificates installed on the new AD FS server.
   • If you have an AD FS proxy, configure that as well to ensure external access.

4.2. Migrate AD FS Settings and Trusts

If you have relying party trusts or claims rules configured in your old AD FS 2.0 environment, you will need to manually migrate these settings to the new AD FS server. Export and import the configuration settings as needed.

• To export the configuration from the old AD FS 2.0 server:
• Export-AdfsConfiguration -Path "C:\ADFS_Backup"
• Import-AdfsConfiguration -Path "C:\ADFS_Backup"

• Post-Upgrade Steps

  • Verify Functionality: Ensure that Active Directory and AD FS are functioning correctly. Test Group Policy, DNS, and authentication processes.
  • Monitor for replication issues between the Domain Controllers and the AD FS server.
  • Retire old hardware: Once you confirm the environment is stable, you can safely retire the old Domain Controllers and the AD FS server.

  6. Key Considerations

  • Windows Server 2022 or Windows Server 2019 is highly recommended for the DCs and AD FS servers. Make sure you install a supported version.
  • DNS and DHCP Configuration: Ensure these services are correctly transferred to the new DCs.
  • Legacy Applications: Check for any applications relying on older versions of AD FS or Active Directory features and plan for their compatibility.