![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 37%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJE%3C/text%3E%3C/svg%3E)
1,304 questions
Yes you can.
It creates some challenges The main two are the following:
- Delegation Hard to delegate the management of only a service on a server having multiple services. And the local administrator of that mutualized server will have full control on all the installed services. Also, ADFS is often considered as a very sensitive service (tier-0), the administrator of ADFS can impersonate whoever she or he wants against any of the relying party trust. That is sometimes pushing customer to have its dedicated server.
- Port conflicts The ADFS service needs to bind to TCP ports: 80 (if you use WID), 443, 49443 (if you use device authentication without the ADFS 2016 or above). If the other service needs those ports you won't be able to make them live together (although you can configure alternate ports to some extend on ADFS, it complexifies the solution).