Upgrading 1st primary DC from Win Serv 2012R2 to 2016 - how to reinstall the AD FS role service and reconfig Federation service...

Mark Miller - ADMIN 1 Reputation point
2022-08-30T17:47:03.24+00:00

Upgrading the OS on 1st primary DC from Win Serv 2012R2 to 2016. Getting the following message during the Win Serv 2016 setup installation: The Active Directory Federation Service (AD FS) role service is installed on this server. When the OS upgrade is complete, you will need to reinstall the role service and then reconfigure the federation service by adding the node to an existing Win Serv 2012R2 or later AD FS farm.

The forest domain hasn't been evaluated to 2016 yet. This is only the first DC that is being upgraded to 2016. Do, I just need to install the AD FS role from the Server Manager - Roles and Features but don't reconfigure the Federation Service until we are ready to evaluate the whole forest domain to 2016?

Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,428 questions
Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,223 questions
Windows Server Management
Windows Server Management
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Management: The act or process of organizing, handling, directing or controlling something.
425 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Daisy Zhou 20,876 Reputation points Microsoft Vendor
    2022-09-09T03:02:10.857+00:00

    Hello MarkMillerADMIN-1204,

    Thank you for posting in our Q&A forum.

    As I understand, you have multiple 2012 R2 DCs (also ADFS servers), and you want to upgrade them from 2012 R2 to 2016, now you are upgrading 1st primary DC from Win Server 2012R2 to 2016.

    From the following links, we can see, it seems to be not related to forest domain functional level, it is related to farm behavior level.

    Administrators can add new Windows Server 2016 federation servers to an existing Windows Server 2012 R2 farm. As a result, the farm is in "mixed mode" and operates at the same farm behavior level as the original farm. To ensure consistent behavior across the farm, features of the newer Windows Server AD FS versions cannot be configured or used.

    For more information, we can read articles below.

    Upgrading to AD FS in Windows Server 2016 using a WID database
    https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/upgrading-to-ad-fs-in-windows-server

    Upgrading to AD FS in Windows Server 2016 with SQL Server
    https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/upgrading-to-ad-fs-in-windows-server-sql

    Hope the information above is helpful.

    Best Regards,
    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments