Yes, you need to make sure that the domains are in a trusted relationship (bi-directional trust) with domain-wide authentication. The following steps are needed:
- Conditional forwarding in the DNS for the root domain (domain.com), as the ADFS server is named adfs.domain.com. There are other ways to do this, such as using secondary zones and delegation, stub zones and forwarding, root hints, etc.
- Adding the ADFS server name (adfs.domain.com) to the trusted sites in Internet Explorer or any other browsers of the clients to make sure Windows authentication works.
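
The two steps above in PowerShell, as an added example that is not part of the original answer. The function names, the forwarder address `192.0.2.10` and the use of AD-integrated DNS are assumptions; only `domain.com` and `adfs.domain.com` come from the answer.

```powershell
# Added example. Function names, the 192.0.2.10 address and AD-integrated DNS
# are assumptions; adfs.domain.com / domain.com come from the answer above.

function Add-AdfsForwarder {            # hypothetical helper; run on a DNS server
    param(
        [string]$Zone      = 'domain.com',
        [string]$AdfsHost  = 'adfs.domain.com',
        [string[]]$Masters = @('192.0.2.10')   # placeholder: DNS server of the root domain
    )
    Import-Module DnsServer -ErrorAction Stop
    if (-not (Get-DnsServerZone -Name $Zone -ErrorAction SilentlyContinue)) {
        Add-DnsServerConditionalForwarderZone -Name $Zone -MasterServers $Masters `
            -ReplicationScope 'Domain'
    }
    # Confirm the forwarder actually resolves the ADFS name before touching clients.
    Resolve-DnsName -Name $AdfsHost -Type A -Server localhost -ErrorAction Stop |
        Select-Object Name, IPAddress
}

function Set-AdfsTrustedSite {          # hypothetical helper; run as the client user
    param(
        [string]$Zone      = 'domain.com',
        [string]$HostLabel = 'adfs'
    )
    $inet = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    # Map only https://adfs.domain.com (not the whole domain) to zone 2 = Trusted sites.
    $map = "$inet\ZoneMap\Domains\$Zone\$HostLabel"
    if (-not (Test-Path $map)) { New-Item -Path $map -Force | Out-Null }
    New-ItemProperty -Path $map -Name 'https' -Value 2 -PropertyType DWord -Force | Out-Null

    # URL action 1A00 is the zone's logon policy; report it, since it decides
    # whether the browser sends Windows credentials without prompting.
    $logon = (Get-ItemProperty -Path "$inet\Zones\2" -Name '1A00' `
                  -ErrorAction SilentlyContinue).'1A00'
    $meaning = switch ($logon) {
        0x00000 { 'automatic logon with current user name and password' }
        0x10000 { 'prompt for user name and password' }
        0x20000 { 'automatic logon only in Intranet zone' }
        0x30000 { 'anonymous logon' }
        default { 'not set for this user (machine or policy default applies)' }
    }
    [pscustomobject]@{ Site = "https://$HostLabel.$Zone"; Zone = 2; LogonPolicy = $meaning }
}
```

In a managed fleet the same site-to-zone mapping is normally deployed through the Group Policy setting "Site to Zone Assignment List" rather than per-user registry writes.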