Prerequisites

Complete the following conditions before configuring Microsoft Exchange Server 2013 or Exchange Server 2016 to integrate with AD FS:
  • Install and configure AD FS for Windows Server 2012 on a Windows Server 2012 R2 server. Verify that the AD FS services work by accessing the AD FS sign-in page (https://<ADFS Compute FQDN>/adfs/ls/ idpinitiatedsignon.htm).
  • Ensure that your on-premises Exchange Server is an Exchange Server 2013 Service Pack 1 (SP1) or Exchange Server 2016 deployment.
  • Import the AD FS, SSL, and token signing certificates into your Exchange Server computer store with the
    Certificates MMC
    snap-in.
  • Import the Exchange Server SSL certificates into the AD FS computer store with the Certificates MMC snap-in.
You cannot integrate AD FS and claims-based authentication if your Exchange Server deployment includes Exchange 2007, Exchange 2010, or Exchange 2013 RTM servers.
Claims-based authentication replaces traditional authentication methods, including: Windows, Forms, Digest, Basic, and Active Directory client certificate authentication.