{"id":41929,"date":"2020-02-18T09:00:17","date_gmt":"2020-02-18T08:00:17","guid":{"rendered":"https:\/\/nolabnoparty.com\/?p=41929"},"modified":"2020-02-15T12:11:57","modified_gmt":"2020-02-15T11:11:57","slug":"upgrade-ad-fs-3-0-to-windows-server-2016-2019","status":"publish","type":"post","link":"https:\/\/nolabnoparty.com\/en\/upgrade-ad-fs-3-0-to-windows-server-2016-2019\/","title":{"rendered":"Upgrade AD FS 3.0 to Windows Server 2016\/2019"},"content":{"rendered":"<p><img decoding=\"async\" class=\"aligncenter wp-image-42396 size-full\" title=\"adfs-30-upgrade-to-windows-server-2016-01\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2020\/02\/adfs-30-upgrade-to-windows-server-2016-01.jpg\" alt=\"adfs-30-upgrade-to-windows-server-2016-01\" width=\"602\" height=\"202\" \/><\/p>\n<p>To take benefit of new features provided by <a href=\"https:\/\/docs.microsoft.com\/en-us\/windows-server\/identity\/ad-fs\/overview\/whats-new-active-directory-federation-services-windows-server\" target=\"_blank\" rel=\"noopener noreferrer\">AD FS 2016\/2019<\/a>, an <a href=\"https:\/\/nolabnoparty.com\/en\/adfs-3-0-setup-upn-suffix-for-office-365-sso-pt-1\/\">AD FS 3.0<\/a> deployment must be upgraded following specific steps to avoid service disruption.<\/p>\n<p>The upgrade procedure is pretty straightforward and <strong>it doesn't require any service downtime<\/strong>.<\/p>\n<p><!--more--><\/p>\n<p>The <strong>steps involved<\/strong> in the upgrade procedure are the following:<\/p>\n<ul>\n<li>Add a new <a href=\"https:\/\/nolabnoparty.com\/en\/windows-2016-server-convert-evaluation-licensed-version\/\">Windows Server 2016<\/a> and install the AD FS role<\/li>\n<li>Configure AD FS service in the new server<\/li>\n<li>Move the FBL to the new server<\/li>\n<li>Remove old server from the AD FS farm<\/li>\n<li>Upgrade to FBL Server 2016<\/li>\n<\/ul>\n<blockquote><p>Although the upgrade procedure uses Windows Server 2016 as a reference,\u00a0<strong>steps are similar<\/strong> also for the upgrade to Windows Server 2019.<\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<h2>Install the AD FS role to the new server<\/h2>\n<p>From <strong>Server Manager<\/strong> click <strong>Manage &gt; Add Roles and Features<\/strong>. Click <strong>Next<\/strong>\u00a0to begin with the role installation.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-42398 size-large\" title=\"adfs-30-upgrade-to-windows-server-2016-02\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2020\/02\/adfs-30-upgrade-to-windows-server-2016-02-600x427.jpg\" alt=\"adfs-30-upgrade-to-windows-server-2016-02\" width=\"600\" height=\"427\" \/><\/p>\n<p>This article has been written for\u00a0<a href=\"https:\/\/www.starwindsoftware.com\/blog\/\" target=\"_blank\" rel=\"noopener noreferrer\">StarWind blog<\/a>\u00a0and can be found in\u00a0<a href=\"https:\/\/www.starwindsoftware.com\/blog\/upgrade-ad-fs-3-0-to-windows-server-20162019\" target=\"_blank\" rel=\"noopener noreferrer\">this page<\/a>. It covers the full procedure to <strong>upgrade AD FS 3.0 to Windows Server 2016\/2019<\/strong> version with no service disruption.<\/p>\n<p>&nbsp;<\/p>\n<h2>Move the Farm Behavior Levels (FBL) to the new Server 2016<\/h2>\n<p>Introduced in AD FS for Windows Server 2016, the Farm Behavior Level (FBL) is a farm-wide setting that determines the <strong>features the AD FS farm<\/strong> can use.<\/p>\n<p>Run the following command to make the <strong>Server 2016 as PrimaryComputer<\/strong>.<\/p>\n<p><span style=\"color: #0000ff;\">PS C:\\&gt; Set-AdfsSyncProperties -Role PrimaryComputer<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-42400 size-large\" title=\"adfs-30-upgrade-to-windows-server-2016-03\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2020\/02\/adfs-30-upgrade-to-windows-server-2016-03-600x52.jpg\" alt=\"adfs-30-upgrade-to-windows-server-2016-03\" width=\"600\" height=\"52\" \/><\/p>\n<p>Now verify the Server 2016 role has been assigned successfully.<\/p>\n<p><span style=\"color: #0000ff;\">PS C:\\&gt; Get-AdfsSyncProperties\u00a0<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-42402 size-large\" title=\"adfs-30-upgrade-to-windows-server-2016-04\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2020\/02\/adfs-30-upgrade-to-windows-server-2016-04-600x133.jpg\" alt=\"adfs-30-upgrade-to-windows-server-2016-04\" width=\"600\" height=\"133\" \/><\/p>\n<p>In the Windows Server 2012 R2 run the command:<\/p>\n<p><span style=\"color: #0000ff;\">PS C:\\&gt; Set-AdfsSyncProperties -Role SecondaryComputer -PrimaryComputerName &lt;adfs_server_name&gt;<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-42404 size-large\" title=\"adfs-30-upgrade-to-windows-server-2016-05\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2020\/02\/adfs-30-upgrade-to-windows-server-2016-05-600x50.jpg\" alt=\"adfs-30-upgrade-to-windows-server-2016-05\" width=\"600\" height=\"50\" \/><\/p>\n<p>Now verify the Windows Server 2012 R2 <strong>Role<\/strong> has been changed to <strong>SecondaryComputer<\/strong>.<\/p>\n<p><span style=\"color: #0000ff;\">PS C:\\&gt; Get-AdfsSyncProperties\u00a0<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-42406 size-large\" title=\"adfs-30-upgrade-to-windows-server-2016-07\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2020\/02\/adfs-30-upgrade-to-windows-server-2016-06-600x174.jpg\" alt=\"adfs-30-upgrade-to-windows-server-2016-06\" width=\"600\" height=\"174\" \/><\/p>\n<p>The following command in the Server 2016 will show the current AD FS farm information with the exception of old versions:<\/p>\n<p><span style=\"color: #0000ff;\">PS C:\\&gt; Get-AdfsFarmInformation<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-42408 size-large\" title=\"adfs-30-upgrade-to-windows-server-2016-08\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2020\/02\/adfs-30-upgrade-to-windows-server-2016-07-600x105.jpg\" alt=\"adfs-30-upgrade-to-windows-server-2016-08\" width=\"600\" height=\"105\" \/><\/p>\n<p>Read the\u00a0<a href=\"https:\/\/www.starwindsoftware.com\/blog\/upgrade-ad-fs-3-0-to-windows-server-20162019\" target=\"_blank\" rel=\"noopener noreferrer\">full article<\/a>\u00a0on StarWind blog.<\/p>\n<p><img decoding=\"async\" title=\"signature\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/images\/firma.jpg\" alt=\"signature\" \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>To take benefit of new features provided by AD FS 2016\/2019, an AD FS 3.0 deployment must be upgraded following specific steps to avoid service disruption. The upgrade procedure is pretty straightforward and it doesn't require any service downtime.<\/p>\n","protected":false},"author":3,"featured_media":42396,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rop_custom_images_group":[],"rop_custom_messages_group":[],"rop_publish_now":"initial","rop_publish_now_accounts":{"linkedin_93tdZWzMZc_93tdZWzMZc":"","facebook_2879994398731222_17841400390232720":"","twitter_113568041_113568041":"","mastodon_115463926174894442_115463926174894442":""},"rop_publish_now_history":[],"rop_publish_now_status":"pending","footnotes":""},"categories":[1065,913,1721],"tags":[1942,1570,2115,932],"class_list":["post-41929","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-en","category-active-directory-en","category-office365-en","tag-ad-fs","tag-adfs-en","tag-adfs-2016","tag-windows-en","has_thumb"],"_links":{"self":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/posts\/41929","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/comments?post=41929"}],"version-history":[{"count":0,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/posts\/41929\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/media\/42396"}],"wp:attachment":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/media?parent=41929"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/categories?post=41929"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/tags?post=41929"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}