Transcription:

This video looks at the terminology used with Federation Services. It will give you a good indication of what components make up a Federation Service in Active Directory Federation Services and in other federation services.

Terminology: This video will look at 17 different Federation Services terms. They have been placed in a logical order to make them easier to understand.

Account Partner Organization: This contains the user accounts that will access the Federation Service. In some cases this may be a domain; in other cases it may be a database or simply an e-mail address. The important point to remember is that these are the users that will access Federation Services. It will contain information like their usernames, passwords and other details about the users.

Resource Partner Organization: A resource partner organization contains the resources that are accessed by the Federation Service users. Normally this will be external to the company, but in some cases it may be on a DMZ of the company. A resource partner could also be a cloud-based application, for example MS Office products located in the cloud.

Federation Trust: A Federation Trust is a trust between different parts of Federation Services. An example is the trust between the Account Partner Organization and the Resource Partner Organization. The trust is not a connection-style trust, and thus, once created, it does not require communication to happen over the trust. The trust does not require a direct connection between the two Federation Servers. However, it is often simpler to have a connection between the two so that the Federation Server can obtain the information that it requires in order to create the trust.

Claim: A claim is essentially a statement about a user. When the claim is created, it needs to be created with the information required by the other side. This may include information about what services the user requires. It may also contain information about the groups the user is in. The Federation Server creating the claim needs to ensure all this information is put into the claim. The claim is essentially a file that is then transferred to the other party. In a lot of cases, the user may request the claim from their Federation Server and then present this claim to the Federation Server that is providing the service.

Claims Provider Trust: Active Directory Federation Services uses two types of trusts. The first is a Claims Provider Trust. A Claims Provider Trust accepts claims. So essentially this trust defines who can use the trust and how it can be used.

Relying Party Trust: A Relying Party Trust is used to create claims. Once a claim is created, it is supplied to a Claims Provider Trust. A Relying Party Trust is required in the account partner organization to create claims that will be used in the Resource Partner Organization. A Relying Party Trust is also used to access resources, for example when Active Directory Federation Services needs to access an application or Domain Services.

Claims Provider: A claims provider is an organization that provides claims for users. These claims are normally used by claims-aware applications that can be in the domain, in an external domain or in the cloud.

Federation Server: This is a server that is running Federation Services. In the case of Windows, this will be Active Directory Federation Services.

Account Federation Server: An Account Federation Server provides security tokens that contain claims. These are given to the user. In order to do this, the Account Federation Server must get this information from somewhere.

Attribute Store: An attribute store contains information about the user. This can be stored in Active Directory Domain Services, SQL Server or Active Directory Lightweight Directory Services. The attribute store does not provide authentication. For example, a Domain Controller could be used to authenticate the user, and the attribute store could then be used to get additional information about the user. For example, the attribute store may contain a picture of the user.

Federation Metadata: This is the configuration information for the Federation Server. When creating a trust, data is required about the other server in order to create the trust. This data can be entered manually; however, this is time-consuming to do. When creating the trust, you have the option to use the metadata. This metadata can be obtained through a direct connection between the two servers. If this is not available, the data can be exported and any method can be used to get the data from one server to the other server.
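When metadata is exported and carried to the other server by hand, it is worth checking what it contains before the trust is built from it. The following is an added example, not part of the video or of AD FS: it reads a SAML 2.0 style federation metadata document and compares the signing certificate fingerprint with one confirmed through a separate channel. The host name, the placeholder certificate bytes and the function names are all constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed placeholder bytes standing in for a DER-encoded signing certificate.
FAKE_CERT_DER = b"constructed-placeholder-not-a-real-certificate"

# Constructed metadata for a hypothetical partner (fs.account.example).
SAMPLE_METADATA = f"""<md:EntityDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="http://fs.account.example/adfs/services/trust">
  <md:IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>
        {base64.b64encode(FAKE_CERT_DER).decode()}
      </ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://fs.account.example/adfs/ls/"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def read_partner_metadata(xml_text):
    """Extract what a trust is built from: identifier, signing keys, endpoints."""
    # For metadata from an untrusted channel, use a hardened XML parser.
    root = ET.fromstring(xml_text)
    path = ".//md:KeyDescriptor[@use='signing']//ds:X509Certificate"
    prints = [hashlib.sha256(base64.b64decode("".join(n.text.split()))).hexdigest()
              for n in root.findall(path, NS)]
    sso = [e.get("Location") for e in root.findall(".//md:SingleSignOnService", NS)]
    return {"entity_id": root.get("entityID"), "signing_sha256": prints, "sso": sso}


def import_problems(info, confirmed_prints):
    """Reasons not to create the trust from this copy of the metadata."""
    problems = []
    if not info["signing_sha256"]:
        problems.append("no signing certificate")
    problems += [f"unconfirmed signing certificate {p[:16]}"
                 for p in info["signing_sha256"] if p not in confirmed_prints]
    problems += [f"endpoint is not HTTPS: {u}"
                 for u in info["sso"] if not u.lower().startswith("https://")]
    return problems
```

An empty list from `import_problems` means the signing key matches the fingerprint the partner confirmed separately and every sign-on endpoint uses HTTPS.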

AD FS Configuration Database: This stores the configuration that is used by Active Directory Federation Services. This can be on SQL Server or Windows Internal Database.

Primary Federation Server: This is the first server that is set up in a farm. It holds a read/write copy of the database. All the other servers in the farm contain a read-only copy of the database. These servers need to replicate changes to the read/write copy of the database.

Federated User: This is a user that has been given a claim. The claim can then be used on another server to gain access to a resource.

Relying Party: A relying party is the organization that receives a claim. In most cases this will be the resource partner organization.

Resource Federation Server: This is a Federation Server in the resource partner organization that accepts claims. When a claim is presented to the server, the server will create a new claim and give this to the user. This claim contains information like what resources they are allowed to access.
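The flow described under Account Federation Server, Attribute Store and Resource Federation Server, modelled as an added example that is not from the video or from AD FS itself. An HMAC with a shared key stands in for the certificate-based token signature a real federation server uses, and the users, issuer name, key and rules are constructed.

```python
import hashlib
import hmac
import json

# Constructed attribute store in the account partner organization.
ATTRIBUTE_STORE = {"alice@account.example": {"groups": ["Sales", "Staff"]}}


def issue_token(user, issuer, key):
    """Account federation server: the user is assumed to be authenticated
    already; claims are built from the attribute store and then signed."""
    claims = {"issuer": issuer, "upn": user,
              "groups": ATTRIBUTE_STORE[user]["groups"]}
    body = json.dumps(claims, sort_keys=True).encode()
    return body, hmac.new(key, body, hashlib.sha256).hexdigest()


def accept_token(body, signature, trusts, rules):
    """Resource federation server: accept claims only from an issuer it has
    a trust with, then create a new claim listing the permitted resources."""
    # The issuer is read first only to choose the key; nothing else in the
    # token is used until the signature has been verified.
    key = trusts.get(json.loads(body).get("issuer"))
    if key is None:
        raise PermissionError("no federation trust with this issuer")
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, signature):
        raise PermissionError("token was not signed by the trusted issuer")
    claims = json.loads(body)
    resources = sorted({r for g in claims["groups"] for r in rules.get(g, [])})
    return {"upn": claims["upn"], "resources": resources}
```

The resource side never sees a password or queries the attribute store; it relies only on the trust and on the claims it was handed, which is why a token whose group claim has been altered in transit is rejected.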

Claims-Aware Application: This is any application that can accept claims to provide access to an application. For example, MS Office is capable of accepting claims.