AD FS Minimum Requirements and Prerequisites

This video looks at the minimum requirements to install Active Directory Federation Services. Later videos will look at the process of installing Active Directory Federation Services.

Show lesson content
Common Requirements
For Active Directory Federation Services 3.0 and below there are a number of common requirements. The server that you plan to install Active Directory Federation Services (AD FS) needs to be a member of the domain. If AD FS needs to be accessed from the internet, it is possible to put a proxy component in the DMZ and access AD FS indirectly that way.

AD FS also requires 3 certificates: an SSL certificate, a Token-Signing certificate and a Token decryption certificate. The SSL certificate needs to be created before the install. This will need to be trusted by the clients so it is recommend to use a trusted 3rd party or an internal CA hierarchy. It is possible to use a self-signed certificate, however self-signed certificates are generally only used in a test environment and there are a lot of additional steps in the install process in order to use a self-signed certificate. The Token-Signing and Token decryption certificates are created during the install and use self-signed certificates. It is possible for the administrator to create and use their own certificates if they want additional security.

Windows Server 2012/R2
If you are using Windows Server 2012 you will be running AD FS 2.1. Windows Server 2012 R2 runs AD FS 3.0. The install itself requires the Foundation, Essentials, Standard or Datacenter editions of Windows Server. On Windows Server 2012, IIS is required for AD FS. Version 3.0 that comes with Windows Server 2012 R2 does not require IIS to be installed. For the hardware, the minimum hardware requirements are quite low. RAM is listed as 1 Gigabyte, however for our use, Windows Server 2012 tends to run better with 2 Gigabytes or more RAM.

Windows Server 2008/R2
Windows Server 2008 and R2 both come with AD FS 1.1. Version 2.0 can be download and installed. In order to install AD FS, Windows Server needs to be running Enterprise or Datacenter. Also a number of additional components are required. These are IIS, ASP Net 2.0 and .NET Framework 2.0. The hardware requirements are quite low at a 133MHz CPU, 1 Gigabyte of RAM and 50 Gigabytes of drive space.

Windows Server 2003 R2
If you are using Windows Server 2003 R2 you will be running AD FS 1.0. AD FS requires the Enterprise or Datacenter editions in order to be installed. The following additional components are also required, IIS, ASP Net 2.0 and .NET Framework 2.0. The hardware requirements are quite low at a 133MHz CPU, 256 Megabytes of RAM and 10 Gigabytes of drive space.

“Appendix A: Reviewing AD FS Requirements” http://technet.microsoft.com/en-us/library/ff678034.aspx
“Window Server 2012 Products and Editions Comparison” http://www.microsoft.com/en-au/download/confirmation.aspx?id=38809
“ADFS requirements” http://technet.microsoft.com/en-us/library/cc727972(v=ws.10).aspx


Lesson tags: 70-640-active-directory
Back to: 70-640 Introduction to Active Directory > Federation Services

Active Directory is a system which offers centralized control of your computers.


Active Directory Infrastructure


Group Policy