Is it a bad idea to install ADFS on the AD server itself?

adfs

It should be fine to install on your Domain controllers. As long as sane lookup caches (for DNS) and leases (for DHCP) are had, and you have a proper amount of DCs for your environment (the answer is never "one DC"), ADFS should not present a huge amount of load.


Yes its a supported configuration to have AD and ADFS on the same box so no problems there. But as the general preference is to have AD roles on dedicated servers, its not an encouraged configuration.

When you upgrade the AD in the future, you'd have to do in place upgrades of this server instead of demote/promote new DCs.

If you are also planning this server to be internet accessible, then its also not a good configuration from a security perspective unless you plan to have ADFS proxies too.

So if this is a very small environment where they have no other servers or means of even using virtualization to host roles on different OS guests, then yes you can do it.

Related

Git fails to push with error 'out of memory'
mdadm: drive replacement shows up as spare and refuses to sync
Virtual Machine Manager 2012 is showing 0% CPU usage
Dedicated NIC or dedicated port for iSCSI?
Repurposed disk - Linux blkid command returns incorrect information
Migrating an SSL Certificate from one host to another during site migration
cat /proc/cpuinfo shows 3.00GHz model but 1400.000 cpu MHz?
Windows Server 2019 VPN Error 8007042a After KB4480116
Cannot add a 2012 server to a 2003 domain as it says forrest functional level is 2003 but domains and trusts shows it as 2003
Any repercussions from not using default primary groups for Linux users?
stop linux from emailing me cron errors?
Can I upgrade OpenSSL version used by apache without recompiling the server but just mod_ssl?