Prerequisites
Complete the following conditions before configuring Microsoft Exchange Server 2013 or Exchange Server 2016 to integrate with AD FS:
- Install and configure AD FS for Windows Server 2012 on a Windows Server 2012 R2 server. Verify that the AD FS services work by accessing the AD FS sign-in page (https://<ADFS Compute FQDN>/adfs/ls/ idpinitiatedsignon.htm).
- Ensure that your on-premises Exchange Server is an Exchange Server 2013 Service Pack 1 (SP1) or Exchange Server 2016 deployment.
- Import the AD FS, SSL, and token signing certificates into your Exchange Server computer store with theCertificates MMCsnap-in.
- Import the Exchange Server SSL certificates into the AD FS computer store with the Certificates MMC snap-in.
You cannot integrate AD FS and claims-based authentication if your Exchange Server deployment includes Exchange 2007, Exchange 2010, or Exchange 2013 RTM servers.
Claims-based authentication replaces traditional authentication methods, including: Windows, Forms, Digest, Basic, and Active Directory client certificate authentication.