ADFS Device Registration cross forest

Iron Contributor

Hi all,


is it possible to do device registration (and claims) across a forest trust?


it looks to me like it isnt possible due to the limitation of the Enable-AdfsDeviceRegistration -DeviceLocation command being "a domain within the same forest"


is there any other way to make this work cross forest? or is this a scenario for additional ADFS farms or moving to Azure AD registration and authentication?

(tagged ADFS 2016, its actually 2012 R2)




1 Reply

Hi Peter,


Not sure if you found the answer to your question; basically registered devices are stored in a single location - which is the one you specify for -DeviceLocation.

This should not impact your cross-forest scenario. Unfortunately, as always with everything ADFS, documentation on not-too-standard deployments is thin...