Recently, I had the opportunity to upgrade ADFS server runs on 2012. I was able to upgrade 2012 server to 2019 via Windows in-place upgrade without reconfiguring or rebuilding entire server. This a very brife write up on how to do this.
**It is best to backup or take a proper snapshot of the server before any changes. In my case vmware snapshot was the option.
**First, insert 2019 ISO to the 2012 server and bring up PS shell as a admin and then browse to the ISO folder( in my case it was d:\support\adfs). You will be able to see two PS script one for export and another for import. We are gonna use the export, run( Make sure that you have created appropriate folder first to export the data)
export-federationconfiguration.ps1 -path c:\adfs_backup
Once the export done make sure to take a screenshot or note down all the adfs server name and stuff show end of the script. This is important, since you gonna need to install adfs after the upgrade.
**Then I copied that contetnt from adfs_backup folder to my desktop, just incase things goes south 🙂
***Then Export the certificate with the private key to safe location. Usually server woudn’t purge any certs during the in place upgrade but its better to be safe.
***Then go ahead and do the upgrade of 2012 to 2019. Once done, re-install adfs role on the server using the same name and properties showen end of the script run from the first step and do the basic config.
***Once ADFS done, brows to the ISO d:\support\adfs import the federation data that was exported from the old ADFS run via PS Shell
import-federationconfiguration.ps1 -path c:\adfs_backup
***Make sure al the certs properly inplace using certmanger via MMC
***Bring PS Shell and run,
Set-ADFSProperties –ExtendedProtectionTokenCheck None
Set-AdfsProperties -WIASupportedUserAgents ((Get-ADFSProperties | Select -ExpandProperty WIASupportedUserAgents) + "Chrome" + "Mozilla/5.0")
***Then finally test out the ADFS!
Please find great write up here,