Active Directory Federation Services (AD FS)

Active Directory Federation Services (AD FS) enables:
  1. Organizations to provide their users the flexibility to sign in and authenticate to applications that are located on a local network, at a partner company, or in an online service.
  2. Users to remember only one set of credentials.

What is federation?

Using identity federation, you can provide single identification, authentication, and authorization across organizational and platform boundaries.

To do this, both partners should create a federated trust relationship.

What is claims-based identity?

Generally, when users sign in, they are authenticated by an AD DS domain controller.
When a user provides the right credentials to the domain controller, the user is granted a security token.

Applications that are running on servers in the same AD DS forest trust the security tokens that the AD DS domain controllers provide.


