Additional IIS on a ADFS-Server installation

ErazerMe 46 Reputation points
2021-07-21T11:58:41.08+00:00

Is it possible to install the IIS server role on a system, which host already the ADFS-Service?
We need an additional IIS installation to provide some web-apps on the same Windows-Server 2016 which hosts the ADFS-Service for our infrastructure.

Does someone know if I can install the IIS component?
ADFS use by default port 80 and 443, our Webapps can use different ports - but the main question is if the installation / configuration of the IIS will be stop because the default ports of IIS are already in use.

Thanks for any help.

Internet Information Services
Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,388 questions
Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,201 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Pierre Audonnet - MSFT 10,166 Reputation points Microsoft Employee
    2021-07-21T12:26:02.037+00:00

    In theory you could. In practice you shouldn't.

    ADFS is a very sensitive service. Should be considered as secured as a domain controller (and you don't install IIS on domain controllers).

    It also increases the likelihood of an administrative mistake impacting the other component (TLS bindings, user right assignments modifications, certificate enrollment...).

    I'd stay away from this configuration.

    0 comments
  2. Bruce Zhang-MSFT 3,736 Reputation points
    2021-07-22T01:57:35.427+00:00

    Hi @Andy ,

    As far as I know, ADFS server is also based on windows server. So it can work with IIS if both of them install on windows server.

    However. As piaudonn said, it may has some issues about security and others. ADFS server and IIS both use 80 and 443 port as default port, this may cause conflicts.

    If the answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our  documentation  to enable e-mail notifications if you want to receive the related email notification for this thread.

    Best regards,
    Bruce Zhang

    0 comments