RE: ADFS 2.0
We have a one domain forest, and currently we have an ADFS 2.0 server set up to allow internal users to have single sign on to an external site.
I have been approached to set up single sign on for another site, and what I was wondering is if I have to use the existing ADFS Server for this second site or can I spin up another ADFS 2.0 server and use that for the new application?
I don't want to have both sites using the existing ADFS server due to different requirements with the token signing certificate and also because the existing one was set up badly.
I don't want to migrate both sites to a new ADFS server (too much work and downtime for the already existing site), and I don't want both sites to use the old one due to changes I'll need to make to get the new site working that may break SSO for the old one.
So is there any problem with having two separate and independent ADFS 2.0 servers in my domain, one for each external site I need SSO access to?