Add a federation server to the federation server farm

  • Article

Applies To: Azure, Office 365, Power BI, Windows Intune

After you install the AD FS software and configure the required certificates on a computer, you are ready to configure the computer to become a federation server. You can use the following procedure to join a computer to a new federation server farm.

You join a computer to a farm with the AD FS Federation Server Configuration Wizard. When you use this wizard to join a computer to an existing farm, the computer is configured with a read-only copy of the AD FS configuration database and it must receive updates from a primary federation server.

  • Add a federation server to the federation server farm using AD FS 2.0 on Windows Server 2008 or Windows Server 2008 R2

  • Add a federation server to the federation server farm using AD FS on Windows Server 2012

Add a federation server to the federation server farm using AD FS 2.0 on Windows Server 2008 or Windows Server 2008 R2

  1. After the AD FS 2.0 software installation is complete, click Start, then Administrative Tools, and then AD FS 2.0 Management to open the AD FS 2.0 Management snap-in.

  2. On the Overview page, or in the Actions pane, click AD FS 2.0 Federation Server Configuration Wizard.

  3. On the Welcome page, verify that Add a federation server to an existing Federation Service is selected, and then click Next.

  4. If the AD FS 2.0 database that you selected already exists, the Existing AD FS Configuration Database Detected page appears. If that occurs, click Delete database, and then click Next.

    Warning

    Select this option only when you are sure that the data in this AD FS 2.0 database is not important or that it is not used in a production federation server farm.

  5. On the Specify the Primary Federation Server and Service Account page, under Primary federation server name, type the computer name of the primary federation server in the farm, and then click Browse. In the Browse dialog box, locate the domain account that is used as the service account by all other federation servers in the existing federation server farm, and then click OK. Type the password and confirm it, and then click Next.

  6. On the Ready to Apply Settings page, review the details. If the settings appear to be correct, click Next to begin configuring AD FS 2.0 with these settings.

  7. On the Configuration Results page, review the results. When all the configuration steps are finished, click Close to exit the wizard.

Add a federation server to the federation server farm using AD FS on Windows Server 2012

  1. There are two ways to start the AD FS Federation Server Configuration Wizard. To start the wizard, do one of the following:

    • After the Federation Service role service installation is complete, open the AD FS Management snap-in and click the AD FS Federation Server Configuration Wizard link on the Overview page or in the Actions pane.

    • Anytime after the setup wizard is complete, open Windows Explorer, navigate to the C:\Windows\ADFS folder, and double-click FsConfigWizard.exe.

  2. On the Welcome page, verify that Add a federation server to an existing Federation Service is selected, and then click Next.

  3. If the AD FS database that you selected already exists, the Existing AD FS Configuration Database Detected page appears. If that occurs, click Delete database, and then click Next.

    Warning

    Select this option only when you are sure that the data in this AD FS database is not important or that it is not used in a production federation server farm.

  4. On the Specify the Primary Federation Server and Service Account page, under Primary federation server name, type the computer name of the primary federation server in the farm, and then click Browse. In the Browse dialog box, locate the domain account that is used as the service account by all other federation servers in the existing federation server farm, and then click OK. Type the password and confirm it, and then click Next:

  5. On the Ready to Apply Settings page, review the details. If the settings appear to be correct, click Next to begin configuring AD FS with these settings.

  6. On the Configuration Results page, review the results. When all the configuration steps are finished, click Close to exit the wizard.

Next step

Now that you have added a federation server to your federation server farm, navigate back to Checklist: Deploy your federation server farm on legacy versions of Windows Server and complete the rest of the steps.

See Also

Concepts

Checklist: Deploy your federation server farm on legacy versions of Windows Server
Checklist: Use AD FS to implement and manage single sign-on