locked
Can I place an ADFS 2.0 server in a VM and have it maintain a trust with Office 365? RRS feed

  • Question

  • We use Office 365 and I am working on a plan to use ADFS 2.0 to authenticate my users to O365 so they can use their existing AD credentials. Rather than place the ADFS server on premises I thought I would look at placing it in Azure for availability reasons.

    I intend the VM to be a combination of a DC and ADFS. As far as the DC, I read the article http://www.windowsazure.com/en-us/manage/services/networking/replica-domain-controller/ and believe that wont be much of a problem.

    My question is, how will  O365 reach my ADFS for authentication?

    If the ADFS URL is FS.CONTOSO.COM:

    1 - Do I point FS.CONTOSO.COM to my on-premises public IP, take the communications and redirect them through an site-to-site VPN to my Azure ADFS?

    or

    2 - Can I point FS.CONTOSO.COM directly to my Azure ADFS public IP endpoint?

    Sunday, July 15, 2012 3:15 PM

Answers

  • Hi Christopher,

    I'm confirming now, but it should be enough to open endpoints for TCP 443, 1500, and 1501 and point fs.contoso.com to the public IP.

    Thanks,

    Craig

    Tuesday, July 17, 2012 9:24 PM