Module 11: Designing an Active Directory Federation Services Implementation in Windows Server 2008.

Presentation transcript:

Module 11: Designing an Active Directory Federation Services Implementation in Windows Server 2008

Module Overview
- Overview of an Active Directory Federation Services Design
- Designing a Business-to-Business Federation
- Designing Active Directory Federation Services Claims and Applications

Key Components of ADFS
AD FS includes the following components:
- Account Federation server
- Account Federation server proxy
- Resource Federation server
- Resource Federation server proxy
- AD FS Web Server Agent
- AD DS Domain Controllers

ADFS Server Roles
The ADFS server role includes the following components:
- Federation Service
- Federation Service proxy
- Claims-aware agent
- Windows token-based agent

ADFS Server Placement
When determining your ADFS server placement, consider:
- Where to place a federation server?
- Where to place a federation server proxy?
[Diagram labels: Federation Server, AD DS, Federation Server Proxy, Perimeter Network, Intranet Forest]

Components of a B2B Federation Trust
[Diagram labels: Account Partner Organization, Resource Partner Organization, Resource Federation Server, Account Federation Server, AD DS, AD FS-enabled Web Server, Federation Trust]

Guidelines for Deploying and Securing ADFS Servers
When deploying AD FS servers that are servicing external clients:
- Place federation servers in front of a firewall and connect them to the corporate network to prevent exposure from the Internet
- Avoid having your federation servers directly accessible on the Internet
- Place a federation server proxy in the perimeter network before you configure your firewall servers for use with AD FS
- Use ISA Server 2006 publishing
- Consider deploying a federation server proxy in your organization's perimeter network when you want to:
  - Prevent direct access to federation servers by external clients
  - Differentiate the Internet user sign-in experience from that of corporate network users
- Create at least one AD FS-enabled Web server in the resource partner organization when you deploy any of the following AD FS designs:
  - Web SSO
  - Federated Web SSO
  - Federated Web SSO with Forest Trust

Guidelines for Usage of Token-based and Claims-aware Applications
When implementing applications using ADFS, consider:
- For a claims-aware application, ensure that the return URL is typed correctly in the application’s Web.config file
- Verify that ASP.NET is installed and enabled
- For a Windows NT token–based application, verify that the return URL is typed correctly in the ADFS Web Agent tab of IIS
- For a Windows NT token–based application, configure a resource account in the resource partner’s directory store
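
The return URL guideline for claims-aware applications can be checked mechanically instead of by eye. The following is an added example, not part of the original slides or of Microsoft's course material: it assumes the return URL sits in a `websso/urls/returnurl` element of Web.config and that it should match, exactly, an application URL the administrator supplies (host names and URLs here are constructed).

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample (not from the slides): websso section of a claims-aware
# application's Web.config. The element layout is an assumption of this example.
# The return URL below uses http, misspells the host and drops the trailing slash.
SAMPLE_WEB_CONFIG = """<configuration>
  <system.web>
    <websso>
      <authenticationrequired />
      <urls>
        <returnurl>http://adfsweb.exmaple.test/claimapp</returnurl>
      </urls>
      <fs>https://adfsresource.example.test/adfs/fs/federationserverservice.asmx</fs>
    </websso>
  </system.web>
</configuration>"""

# Hypothetical application URL the administrator expects to be configured.
EXPECTED_URL = "https://adfsweb.example.test/claimapp/"


def check_return_url(web_config_xml, expected_url):
    """Return a list of problems with the configured return URL (empty means OK)."""
    root = ET.fromstring(web_config_xml)
    nodes = root.findall(".//websso/urls/returnurl")
    if len(nodes) != 1:
        return ["expected exactly one <returnurl>, found %d" % len(nodes)]
    raw = nodes[0].text or ""
    problems = []
    if raw != raw.strip():
        problems.append("return URL has surrounding whitespace")
    got, want = urlsplit(raw.strip()), urlsplit(expected_url)
    if got.scheme.lower() != "https":
        problems.append("scheme is %r, expected https" % got.scheme)
    if got.hostname != want.hostname or got.port != want.port:
        problems.append("host %r does not match %r" % (got.netloc, want.netloc))
    if got.path != want.path:
        if got.path.rstrip("/") == want.path.rstrip("/"):
            problems.append("trailing slash differs from %r" % want.path)
        else:
            problems.append("path %r does not match %r" % (got.path, want.path))
    return problems


if __name__ == "__main__":
    for problem in check_return_url(SAMPLE_WEB_CONFIG, EXPECTED_URL):
        print("Web.config return URL:", problem)
```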