locked
Azure ADFS DR RRS feed

  • Question

  • Hi,

    We have azure cloud tenant deployed in one region say xxx with ADFS deployment in the cloud. If there is a problem and entire Geo1 region goes down, how will i be able to make use of the ADFS to access my application.

    I came across the following document https://docs.microsoft.com/en-us/azure/active-directory/active-directory-adfs-in-azure-with-azure-traffic-manager where it says that we have to deploy ADFS deployment in two regions and make use of ATM to divert the traffic.

    How is this possible when i have only one azure tenant deployed in one region ? Can someone explain.

    Friday, November 10, 2017 11:35 AM

All replies

  • Azure AD Tenants are not Geo-Specific.

    Azure AD and deploying AD in Azure VM(s) are not the same. It looks as though you are building a On-Prem ADFS environment in Azure.

    ---------------------------------------------------------------------------------------------------
    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members.

    Saturday, November 11, 2017 9:26 AM
  • Yes we are planning to deploy on-premise ADFS environment in Azure. Azure AD tenants are not Geo-specific, but what about the infrastructure deployed in the Azure AD tenant ?

    Example - My customer is in Europe and Asian region. What should be the process i need to carry out here in order to provide High Availability to the customers ? Do i need to build the infrastructure of ADFS for the Azure tenant in Europe and Asia data center ? Or do i have the option of building it in Asia and replicate the same in Europe by performing some internal process ? kindly guide me. 

    Monday, November 13, 2017 4:00 AM
  • It's depends up on your use cases and scenarios,
    1) stand up unique ADFS instances in each region and then update the AAD Domains to point to the correct ADFS deployment.
    2) stand up a single ADFS Farm for both regions. For that, you have to bridge the Azure networks so that the ADFS servers can talk to each other.
    there are advantages to both approaches, so really depends on your requirements.
    -------------------------------------------------------------------------------------------------------------
    Do click on "Mark as Answer" on the post that helps you and vote it as helpful, this can be beneficial to other community members.  
    • Proposed as answer by vijisankar Monday, November 27, 2017 7:33 PM
    Monday, November 27, 2017 7:33 PM