DRAG DROP
Contoso, Ltd., uses SharePoint Online and plans a new single sign-on (SSO) implementation that uses
Active Directory Federation Services (AD FS).
Your environment contains the following configurations:
two servers named Server1 and Server2
a partner collaboration website for the domain contoso.com that points to a SharePoint Online team
site
a hardware load balancer to use with Server1 and Server2
You need to install AD FS to support the environment.
Which three actions should you perform in sequence? To answer, move the appropriate actions
from the list of actions to the answer area and arrange them in the correct order.
Explanation:
Example: Creates the first node in a federation server farm that uses the Windows Internal Database
(WID) on the local server computer.
In this example, a certificate thumbprint value is supplied for the CertificateThumbprint parameter.
This certificate will be used as the SSL certificate and the service communications certificate.
PS C:\> $fscredential = Get-Credential
PS C:\> Install-AdfsFarm -CertificateThumbprint 8169c52b4ec6e77eb2ae17f028fe5da4e35c0bed –
FederationServiceName fs.corp.contoso.com -ServiceAccountCredential $fscredential
* Install-AdFsFarm command creates the first node of a new federation server farm.
/ The parameter -CertificateThumbprint<String>
Specifies the value of the certificate thumbprint of the certificate that should be used in the Secure
Sockets Layer (SSL) binding of the Default Web Site in Internet Information Services (IIS). This value
should match the thumbprint of a valid certificate in the Local Computer certificate store.
/ The parameter -FederationServiceName<String>
Specifies the DNS name of the federation service. This value must match the subject name of the
certificate configured on the SSL binding in IIS.
* The Add-AdfsFarmNode command adds this computer to an existing federation server farm.Install-AdfsFarm
https://technet.microsoft.com/en-us/library/dn479416(v=wps.630).aspx
I think Install-AdFsFarm command should be sequence number 2 followed by Add-AdfsFarmNode command being the last. Meaning, create the first federation server in the new farm first and then add server 2 to the existing farm. Am I correct? Thank you.
Yes , GIilert is right, Install-Adfsfarmnode is an option which will add the node to the existing farm.
https://technet.microsoft.com/en-us/library/dn479416(v=wps.630).aspx
Agreed. Need to have the first server setup before adding the second to the farm.
1. Request and install a secure sockets layer (SSL) certificate on Server1 and Server2
2. Run the following Windows PowerShell cmdlet on Server1: Install-AdfsFarm –FederationServiceName fs.contoso.com
3. Run the following Windows PowerShell cmdlet on Server2: Add-AdfsFarmNode