AD+ADFS (How to make?)

Sandro Alves
New Contributor

Hello,

 

I need to make an ADFS with ADFS available for an application and would like to prepare it on the cloud.

 

Is there an AD Azure service that I can use with ADFS? If so, how does access to the service work? Is it a public or dynamic IP?

 

Or for that matter I have to create a virtual server to install Windwos Server and ADFS?

Is access to the AD + ADFS server created in Azure only accessible by a public IP? Is this ip fixed or dynamic? Or can I use it with a VPN Site to Site?

 

I know ADFS needs a digital certificate. In such cases, if it is service or server in Azure, how would it work?


Thank you.

1 Reply

Azure AD has native support for SSO for applications that support ADFS: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-custom-apps

 

I'd recommend using that, it'll keep you away from unneccessary infrastructure and expenses and does not need anything extra like VM's or certificates.

 

If you do want to use ADFS itself, you'll need to build at least 1 VM with ADFS (component of Server 2016) and configure it with a certificate you buy. You'll need a fixed public IP, this is possible in Azure: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-deploy-static-pip-arm-portal

 

Site to Site vs public IP depends on where your clients are coming from, site to site is more expensive but also more secure.

 

 

Related Conversations
Extentions Synchronization
Deleted in Discussions on
3 Replies
Tabs and Dark Mode
cjc2112 in Discussions on
35 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies