Active Directory Federation Services

Source: Wikipedia, the free encyclopedia.

Active Directory Federation Services (AD FS), a

Active Directory Services
.

Details

In AD FS, identity federation[3] is established between two organizations by establishing trust between two security realms. A federation server on one side (the accounts side) authenticates the user through the standard means in Active Directory Domain Services and then issues a token containing a series of claims about the user, including their identity. On the other side, the resources side, another federation server validates the token and issues another token for the local servers to accept the claimed identity. This allows a system to provide controlled access to its resources or services to a user that belongs to another security realm without requiring the user to authenticate directly to the system and without the two systems sharing a database of user identities or passwords.

In practice a user might typically perceive this approach as follows:

  1. The user logs into their local PC (as they typically would when commencing work in the morning).
  2. The user needs to obtain information from a partner company's extranet website, for example to obtain pricing or product details.
  3. The user navigates to the partner-company extranet site, for example: http://example.com.
  4. The partner website now does not require any password to be typed in; instead, the user credentials (in a secure assertion) are passed to the partner extranet site using AD FS.
  5. The user is now logged into the partner website and can interact with the website as if logged in.
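The two-hop token flow described above, as an added sketch that is not AD FS code: an accounts-side server issues a signed token of claims, the resources-side server validates it and issues its own token, and the extranet site accepts only that second token. The host names, keys and JSON token format are constructed for illustration, and a per-server HMAC key stands in for the token-signing certificates a real federation trust uses.

```python
import base64, hashlib, hmac, json

# Constructed names and keys. One HMAC key per federation server stands in for
# its token-signing key; a real deployment uses certificates, not shared secrets.
ACCOUNTS_STS = "https://sts.accounts.example"
RESOURCE_STS = "https://sts.resources.example"
EXTRANET_APP = "https://extranet.resources.example"
ACCOUNTS_KEY, RESOURCE_KEY = b"constructed-accounts-key", b"constructed-resource-key"

def _sign(body: bytes, key: bytes) -> str:
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def issue_token(issuer, audience, claims, key, now, ttl=300):
    """Issue a signed token carrying claims for one audience, valid for ttl seconds."""
    body = json.dumps({"iss": issuer, "aud": audience, "exp": now + ttl,
                       "claims": claims}, sort_keys=True).encode()
    return base64.urlsafe_b64encode(body).decode() + "." + _sign(body, key)

def validate_token(token, trusted_issuers, audience, now):
    """Return the claims only if issuer, signature, audience and expiry all check out."""
    try:
        body_b64, sig = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        data = json.loads(body)
        issuer, aud, exp, claims = (data[k] for k in ("iss", "aud", "exp", "claims"))
    except (ValueError, KeyError, TypeError):
        raise PermissionError("malformed token") from None
    key = trusted_issuers.get(issuer) if isinstance(issuer, str) else None
    if key is None:
        raise PermissionError("issuer is not a trusted federation partner")
    if not hmac.compare_digest(sig.encode(), _sign(body, key).encode()):
        raise PermissionError("signature does not match the issuer's key")
    if aud != audience:
        raise PermissionError("token was issued for a different audience")
    if now >= exp:
        raise PermissionError("token has expired")
    return claims

def resource_sts(partner_token, now):
    """Resources side: validate the accounts-side token, then issue one for local servers."""
    claims = validate_token(partner_token, {ACCOUNTS_STS: ACCOUNTS_KEY}, RESOURCE_STS, now)
    return issue_token(RESOURCE_STS, EXTRANET_APP, claims, RESOURCE_KEY, now)

def extranet_login(local_token, now):
    """Extranet site: accept an identity only from its own realm's federation server."""
    return validate_token(local_token, {RESOURCE_STS: RESOURCE_KEY}, EXTRANET_APP, now)
```

The extranet site never sees a password or the accounts-side key: it trusts only its own realm's federation server, which in turn trusts the partner's.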

AD FS integrates with

WS-* and SAML 2.0-compliant federation services as federation partners.[4]

Versions

References

  1. "Introducing AD FS 2.0". Microsoft TechNet. May 2, 2010. Retrieved March 2, 2017.
  2. "An Introduction to Claims". MSDN. 2016. Retrieved May 26, 2016.
  3. "What is Federated Identity Management?". Technopedia. 2016. Retrieved May 26, 2016.
  4. "ADFS Deep Dive". MSDN. November 2, 2014. Retrieved May 18, 2016.
  5. "ADFS Configuration in Windows Server 2012 R2 Standard". TatvaSoft. 2018. Archived from the original on September 19, 2018. Retrieved September 19, 2018.
  6. "AD FS Frequently Asked Questions (FAQ)". Microsoft. April 17, 2019. Retrieved March 2, 2020.