AD+ADFS (How to make?)

Sandro Alves
New Contributor

Hello,

 

I need to make an ADFS with ADFS available for an application and would like to prepare it on the cloud.

 

Is there an AD Azure service that I can use with ADFS? If so, how does access to the service work? Is it a public or dynamic IP?

 

Or, for that matter, do I have to create a virtual server to install Windows Server and ADFS?

Is access to the AD + ADFS server created in Azure only accessible by a public IP? Is this IP fixed or dynamic? Or can I use it with a VPN Site to Site?

 

I know ADFS needs a digital certificate. In such cases, if it is a service or server in Azure, how would it work?


Thank you.

1 Reply

Azure AD has native support for SSO for applications that support ADFS: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-custom-apps

 

I'd recommend using that; it'll keep you away from unnecessary infrastructure and expenses and does not need anything extra like VMs or certificates.

 

If you do want to use ADFS itself, you'll need to build at least 1 VM with ADFS (component of Server 2016) and configure it with a certificate you buy. You'll need a fixed public IP; this is possible in Azure: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-deploy-static-pip-arm-portal

 

Site to Site vs public IP depends on where your clients are coming from; site to site is more expensive but also more secure.

 

 
