I'm having a hard time finding some good articles on best practices for ADFS. We are looking to implement SSO for fewer than 200 users. We plan on setting up a federated server farm (2 servers) behind a hardware load balancer. Is an ADFS proxy necessary if we put the federated server farm behind the hardware load balancer? I need the solution to be redundant; however, it would seem unnecessary for us to build out 4 servers (2 for ADFS, 2 for proxy).
Is this for Office 365 integration? – Evan Anderson Jan 24 '14 at 17:15
1 Answer
Microsoft outlines counts of servers necessary as it relates to using ADFS to integrate with Office 365, Azure, and Intune. For Windows Server 2012-based ADFS deployments they call out a minimum of two (2) ADFS servers and two (2) proxies.
Of course, having redundant servers on-site is meaningless if your Internet connection, network infrastructure, and power aren't also redundant. If you're concerned about losing your entire ADFS infrastructure when your servers get carried away by a tornado / flood / rioters then you might consider deploying a redundant ADFS environment, including a Domain Controller, in an off-site hosting facility.

Evan Anderson
One other option is to consider migrating that infrastructure to Azure VMs. – maweeras Feb 01 '14 at 22:59
Yep-- in an off-site hosting facility (see my last paragraph). >smile – Evan Anderson Feb 01 '14 at 23:16