cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

ADFS Device Registration cross forest

Peter Holland
Iron Contributor

‎Jan 26 2018 04:06 AM - last edited on ‎Feb 10 2023 02:34 PM by

‎Jan 26 2018 04:06 AM - last edited on ‎Feb 10 2023 02:34 PM by

ADFS Device Registration cross forest

Hi all,

 

is it possible to do device registration (and claims) across a forest trust?

 

it looks to me like it isnt possible due to the limitation of the Enable-AdfsDeviceRegistration -DeviceLocation command being "a domain within the same forest"

 

is there any other way to make this work cross forest? or is this a scenario for additional ADFS farms or moving to Azure AD registration and authentication?

(tagged ADFS 2016, its actually 2012 R2)

 

Thanks 

Pete

Labels:
1,222 Views
0 Likes
1 Reply
Reply
1 Reply
Erick Nwanshi

‎Mar 08 2018 09:08 AM

‎Mar 08 2018 09:08 AM

Re: ADFS Device Registration cross forest

Hi Peter,

 

Not sure if you found the answer to your question; basically registered devices are stored in a single location - which is the one you specify for -DeviceLocation.

This should not impact your cross-forest scenario. Unfortunately, as always with everything ADFS, documentation on not-too-standard deployments is thin...

 

 

Regards,

Erick

0 Likes
Reply