How to move ADFS to new servers

Tags: adfs, microsoft-office-365

Environment: an Active Directory forest with multiple domains, several of which are federated with the same Office 365 tenant; directory synchronization is in place, ADFS too. There is a single ADFS server (WS2012R2) and a single Web Application Proxy server (WS2012R2, too).

ADFS is becoming increasingly critical as we move users to Office 365, thus we need to move ADFS to a new, properly fault tolerant implementation, using two ADFS servers in a farm setup and two load balanced WAP servers. We'll use the same DNS name and certificate for ADFS. The new servers will be hosted on Azure, using Azure's own load balancing as required.

I know how to set up ADFS and WAP, but I also know there is a bidirectional link between ADFS and Office 365, thus I'm guessing that moving the federation services to the new environment will not be as simple as redirecting a DNS record.

How to move ADFS from the current servers to the new ones (with minimal disruption of user access, of course)?

Best Answer

If I recall correctly, ADFS on 2012R2 can only be installed in a farm, even with just 1 node (as opposed to a standalone mode available in previous versions). If that's the case, you can expand your farm by adding additional nodes. If using WID as your datastore, it will replicate automatically. If you wish, you can set a different node to be the primary datastore. You could also use this process to "move" to another server by decomming the old server after making another node primary.

Keep in mind that WID-based farms can have a max of 5 federation server nodes (excluding proxies).

Or, if you want to rebuild and migrate, Microsoft already has an article for it: Migrating the AD FS Federation Server.
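The "add a node, promote it, decommission the old one" procedure from the answer above, written out as PowerShell. This is an added example, not part of the original answer or of Microsoft's documentation; the host names (`adfs-old`, `adfs-new1`, `adfs-new2`), the service account, the certificate thumbprint and the federated domain are placeholders you would replace with your own. It assumes a WID-backed farm (as in the question), so the configuration database, including the token-signing and token-decrypting certificates that Office 365 trusts, replicates to the new nodes on its own; the checks at the end confirm that before the old server is removed.

```powershell
# --- Step 1: on each NEW server (adfs-new1, adfs-new2): join the existing farm ---
# Placeholders (assumptions, not values from the question):
$PrimaryNode   = 'adfs-old.corp.example.com'        # current single ADFS server
$CertThumb     = '<THUMBPRINT-OF-EXISTING-SSL-CERT>' # same cert as today, imported to LocalMachine\My
$SvcAccount    = Get-Credential -Message 'ADFS service account (same as the existing farm)'
$DomainAdmin   = Get-Credential -Message 'Account with rights to join the farm'

Install-WindowsFeature ADFS-Federation -IncludeManagementTools

# Joining as a secondary node pulls the WID database from the current primary;
# no Office 365 trust changes are needed because the farm identity and certs are unchanged.
Add-AdfsFarmNode -CertificateThumbprint $CertThumb `
                 -PrimaryComputerName $PrimaryNode `
                 -ServiceAccountCredential $SvcAccount `
                 -Credential $DomainAdmin

# --- Step 2: on adfs-new1: promote it to primary (writes now go to this node's WID) ---
Set-AdfsSyncProperties -Role PrimaryComputer

# --- Step 3: on EVERY other node (adfs-new2, and adfs-old until it is retired):
#             point replication at the new primary ---
Set-AdfsSyncProperties -Role SecondaryComputer `
                       -PrimaryComputerName 'adfs-new1.corp.example.com' `
                       -PrimaryComputerPort 80

# --- Step 4: verify before decommissioning the old server ---
function Test-AdfsFarmState {
    param([string]$ExpectedPrimary)

    $sync = Get-AdfsSyncProperties
    $ok   = $true

    # Secondary nodes must report the intended primary; the primary reports its own role.
    if ($sync.Role -eq 'SecondaryComputer' -and
        $sync.PrimaryComputerName -ne $ExpectedPrimary) {
        Write-Warning "Replicating from $($sync.PrimaryComputerName), expected $ExpectedPrimary"
        $ok = $false
    }

    # The token-signing certificate is what Office 365 validates tokens against.
    # It lives in the replicated WID database, so it must be identical on every node.
    $signing = Get-AdfsCertificate -CertificateType Token-Signing |
               Where-Object IsPrimary | Select-Object -ExpandProperty Thumbprint
    if (-not $signing) {
        Write-Warning 'No primary token-signing certificate found on this node'
        $ok = $false
    }

    [pscustomobject]@{
        Node             = $env:COMPUTERNAME
        Role             = $sync.Role
        Primary          = $sync.PrimaryComputerName
        TokenSigningCert = $signing
        Healthy          = $ok
    }
}

# Run on each node and compare: TokenSigningCert must match across all of them.
Test-AdfsFarmState -ExpectedPrimary 'adfs-new1.corp.example.com'

# Optional cross-check from the Office 365 side (requires the MSOnline module and Connect-MsolService):
# the signing certificate recorded in the tenant should equal the thumbprint reported above.
# Get-MsolFederationProperty -DomainName 'federated.example.com'   # placeholder domain

# --- Step 5: only after DNS / load balancer point at the new farm and checks pass:
#             on adfs-old, remove the role (it is now just a secondary node) ---
# Uninstall-WindowsFeature ADFS-Federation
```

Order matters: promote the new node before demoting or powering off the old one, otherwise the farm has no writable primary and configuration changes (including certificate rollover) stall. The WAP servers are joined separately with `Install-WebApplicationProxy` against the unchanged federation service name, so they need no trust re-establishment either.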