Adfs-Migration

Not every organization wants to move from ADFS to Microsoft Entra ID. Some want to stay vendor-neutral, keep identity infrastructure on-premises, or simply avoid per-user licensing costs. Keycloak fills that gap — it handles SAML 2.0, OIDC, and integrates directly with Active Directory via LDAP federation. The migration isn’t trivial, though. ADFS and Keycloak have different architectural models, and some ADFS features don’t have direct Keycloak equivalents. This guide covers the practical steps, common blockers, and configuration patterns you’ll need. ...

Microsoft is pushing hard to retire ADFS. The writing has been on the wall since 2023 when they started flagging ADFS deprecation in security advisories, and Windows Server 2025 makes it even clearer — ADFS is maintenance mode, no new features, and the migration tooling keeps getting better. If you’re still running ADFS in production, now is the time to plan your move. This guide walks through the full migration from ADFS to Microsoft Entra ID (formerly Azure AD), covering assessment, claim rules translation, staged rollout, and final decommission. ...