ADFS and On-Premises MFA server upgrade

M. Sheeraz Ansari 136 Reputation points
2020-12-25T19:39:09.713+00:00

Hello Tech Community,

We have a customer currently using 2012 R2 ADFS with On-Premises MFA version 8.0.1. Current setup includes three ADFS servers hosting On-Premises MFA role on a single farm and three ADFS WAP servers (2 Primary and 1 DR). Customer wants to upgrade this infrastructure to 2016 Based ADFS along with same On-Premises MFA version 8.0.1. I would like to know following.

  • Has anyone tested MFA version 8.0.1 on Windows Server 2016?
  • What should be the approach of this infrastructure upgrade as there are critical applications dependent on MFA authentication?
  • Or should we deploy MFA latest version (8.0.5) with ADFS 2016?
  • Please also mention fall back approach during this upgrade.

Thanks in advance.

Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,203 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,679 questions
0 comments
Accepted answer
  1. Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,326 Reputation points
    2020-12-28T23:00:53.41+00:00

    Hello,

    1. MFA server 8.0.1 works with Windows Server 2016.
    2. The safest approach would be to add new MFA Servers to the existing collection and turn off older MFA servers.
    3. That would be the best in tandem with previous recommendation.
    4. Please follow steps detailed in Back up and restore Azure MFA Server.

    Please let me know if you need more help. If the answer was helpful to you, please accept it and, optionally, provide feedback so that other members in the community can benefit from it.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest