ADFS 2016 installation steps

Request certificate and add to personal cert store.- certlm.msc

Create Group Service Management Account (windows would manage the Password) by following steps below.

[Note @ GMSA: Windows Server 2012 domain controllers (DC) and later versions require a root key to begin generating gMSA passwords. The domain controllers will wait up to 10 hours from the time of creation to allow all domain controllers to converge their Active Directory replication before allowing the creation of a gMSA. The 10 hours is a safety measure to prevent password generation from occurring before all the domain controllers in the environment are capable of answering the gMSA requests. If you try to use a gMSA too soon, the key might not have been replicated to all the Windows Server 2012 domain controllers and therefore password retrieval might fail when the gMSA host attempts to retrieve the password. gMSA password retrieval failures can also occur when using domain controllers with limited replication schedules or if there is a replication issue. The Add-KdsRootKey cmdlet generates a new root key for the Microsoft Group Key Distribution Service (KdsSvc) within Active Directory (AD). The Microsoft Group KdsSvc generates new group keys from the new root key. Because we only have one domain controller for the domain, it is safe to use the key immediately.

]

Open ADFS Management in ADFS and check the installation.

Above is what ADFS on 2016 looks like.