I recently went through the effort of migrating a Windows Server 2012 R2 AD FS farm to a Windows Server 2016 AD FS farm, the main requirement being that the existing IP addresses and DNS names had to be kept.
First of all, Windows Server 2016 AD FS introduces the Farm Behavior Level (FBL), which determines which features the AD FS farm can use.
The great thing is that you can add an AD FS 2016 server to a 2012 R2 farm without changing the FBL of the farm, but take into account that the new features won't be available until you raise the FBL.
Before raising the FBL, you must know that it is necessary to update the AD schema, at least to level 85, so it involves deploying a Windows Server 2016 DC into your network. More info at: https://technet.microsoft.com/en-us/windows-server-docs/identity/ad-fs/overview/ad-fs-2016-requirements
Once you have done this, it is possible to change the FBL, but you will need to follow these steps:
- Set the new AD FS 2016 server as the primary AD FS server (run on the 2016 server): Set-AdfsSyncProperties -Role "PrimaryComputer"
- On the old primary AD FS 3.0 server run the following command: Set-AdfsSyncProperties -PrimaryComputerName "newprimarycomputername" -Role "SecondaryComputer"
- On the other secondary AD FS 3.0 servers run the following command: Set-AdfsSyncProperties -PrimaryComputerName "newprimarycomputername"
- Raise the AD FS 2016 farm behavior level: Invoke-AdfsFarmBehaviorLevelRaise
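The steps above, put together as one script with the checks I would want before raising the FBL. This is an added example, not the script from the original migration: the hostnames are placeholders, it assumes WinRM is enabled on the old nodes so the role changes can be pushed with Invoke-Command, and it is run from the new 2016 server.

```powershell
# Added example (not the author's script): pre-flight checks plus the primary
# switch and FBL raise for a 2012 R2 -> 2016 AD FS migration.
# Run on the new 2016 node. Hostnames below are placeholders.
#Requires -RunAsAdministrator
param(
    [string]$NewPrimary = 'ADFS2016-01',                    # placeholder: new 2016 node
    [string[]]$OldNodes = @('ADFS2012-01', 'ADFS2012-02'),  # placeholders: old primary first, then secondaries
    [int]$MinSchemaVersion = 85                             # minimum schema level the post calls out
)

Import-Module ADFS
Import-Module ActiveDirectory

# 1. Confirm the AD schema was extended (needs a 2016 DC in the forest), otherwise stop here.
$schema = Get-ADObject (Get-ADRootDSE).schemaNamingContext -Properties objectVersion
if ($schema.objectVersion -lt $MinSchemaVersion) {
    throw "Schema objectVersion is $($schema.objectVersion); need at least $MinSchemaVersion before raising the FBL."
}

# 2. Record the starting state so the change is auditable.
$before = Get-AdfsFarmInformation
Write-Output "Current FBL: $($before.CurrentFarmBehavior); nodes: $($before.FarmNodes -join ', ')"

# 3. Make the 2016 node the primary of the configuration database.
Set-AdfsSyncProperties -Role PrimaryComputer

# 4. Demote the old primary and point it at the new one; re-point the remaining secondaries.
$oldPrimary = $OldNodes[0]
Invoke-Command -ComputerName $oldPrimary -ScriptBlock {
    param($p) Set-AdfsSyncProperties -PrimaryComputerName $p -Role SecondaryComputer
} -ArgumentList $NewPrimary

foreach ($node in ($OldNodes | Select-Object -Skip 1)) {
    Invoke-Command -ComputerName $node -ScriptBlock {
        param($p) Set-AdfsSyncProperties -PrimaryComputerName $p
    } -ArgumentList $NewPrimary
}

# 5. Verify every old node now syncs from the new primary before going further.
foreach ($node in $OldNodes) {
    $sync = Invoke-Command -ComputerName $node -ScriptBlock { Get-AdfsSyncProperties }
    if ($sync.PrimaryComputerName -ne $NewPrimary) {
        throw "$node still points at '$($sync.PrimaryComputerName)', expected $NewPrimary."
    }
}

# 6. Dry-run the raise, then perform it. The cmdlet prompts for confirmation; pass -Credential
#    if the signed-in account lacks the needed AD rights. Once raised, the 2012 R2 nodes are no
#    longer farm members, so make sure the 2016 node(s) already carry production traffic.
Test-AdfsFarmBehaviorLevelRaise
Invoke-AdfsFarmBehaviorLevelRaise

# 7. Confirm the result.
$after = Get-AdfsFarmInformation
Write-Output "New FBL: $($after.CurrentFarmBehavior); nodes: $($after.FarmNodes -join ', ')"
```

The verification loop in step 5 is the part worth keeping even if you run the rest by hand: a node that still points at the old primary keeps serving a stale configuration (including old token-signing certificates) after the raise, which shows up as intermittent sign-in failures that are hard to trace back to the migration.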
Finally, you will need to test and validate your new AD FS farm. Remember to upgrade your WAP servers as well, but that process is pretty straightforward.