Active Directory Federation Service (ADFS)

ADFS is a Microsoft Windows Server feature used for single sign-on (SSO) authentication across multiple systems or applications.

Configuring ADFS

First install the ADFS Features

After it completes, select Configure the federation service on this server

Select create new

Select the user

Select the SSL Certificate and the Federation Service name

Next specify the service account, this will pops out an error saying Group Managed Service Accounts are not available, just run the provided command on the powershell to resolve the error

Then hit next

After that specify the database, for small lab environment selecting internal database should be fine

Review everythng and then select configure

Close the configuration window

At this point, the adfs page should be up but with an error saying the resource is not available

All we need to do is enable IdP Sign On page using powershell

Now the error should go away

Now we can sign in using an Active Directory user

Hit this link to verify the ADFS is up and running