Installation of ADFS for BA Cloud

Servicen her installeres på domenekontrolleren.

We use Stand-Alone.

A valid SSL certificate must be installed for IIS on domain controller.

Change federation service name to your full internal domain.


  • Stop AD FS server.
  • Windows Internal Database service will be started and set to automatic startup.
  • Signing and token-encryption certificates will be generated and set to automatic roll over.
  • Selected SSL certificate will be used for securing service communication.
  • Network Service account will be given access to the database, to the certificate private keys and endpoints, and the service will run under this account.
  • Default set of endpoints will be enabled.
  • Browser sign-in web site will be deployed to the '/adfs/ls' virtual directory under the Default Web Site in IIS.
  • Federation Service name is

Start AD FS server.