In this post I will be installing and configuring the Active Directory Federation Services [AD FS] server role. AD FS provides Single-Sign-On [SSO] capabilities to multiple web applications using a single Active Directory account.
Install the AD FS Server Role:
Open Server Manager and click Manage -> Add Roles and Features:
On the screen below, select Active Directory Federation Services. Click Next.
On the screen below, click Next.
Click Next.
On the screen below, click Next to install.
Once the installation is complete, click Close.
Post-Deployment Configuration:
Since this is the first AD FS server, select "Create First ADFS server Federation Farm".
Before proceeding to the next step, ensure the account has Active Directory domain admin permissions, then click Next.
SSL Certificate: Open the drop-down menu to see the installed certificates and select the appropriate one.
Federation Service Name: Enter the federation service name, e.g. STS.Contoso.com
Display Name: Enter the display name.
Select "Use existing Domain user" and enter the proper credentials.
Database Type:
The choice of database type directly impacts what you can (or cannot) do. To some extent, it also dictates how you should set up your federation servers. The table below depicts some of the most important differences between SQL Server and the Windows Internal Database when used as the configuration database store for AD FS:
| AD FS Feature | Windows Internal Database (WID) | SQL Server |
|---|---|---|
| Scalability | Limited to five servers in the farm | No limitation |
| High Availability | Built-in “replication” mechanism | Needs SQL cluster |
| Adv. features | Not available | SAML artifact resolution & SAML/WS-Federation token replay detection |

In my case I chose WID (Windows Internal Database). Click Next.
Click Close.
The AD FS installation is now complete.
To test whether it is working, open a browser and enter: https://adfs.contoso.com/adfs/ls/IdpInitiatedSignOn.
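The same install, farm creation and sign-on test can be scripted. This PowerShell is an added example, not part of the original post. It assumes an elevated session running as a domain admin, the SSL certificate already in the LocalMachine\My store, and placeholder values for the display name and service account.

```powershell
# Added example: scripted equivalent of the wizard steps above.
# Values marked "assumption" are placeholders, not from a real environment.
$fsName      = 'sts.contoso.com'     # Federation Service Name (the post's example)
$displayName = 'Contoso Sign-In'     # assumption: any display name
$svcCred     = Get-Credential -Message 'Existing domain user for the AD FS service'

# 1. Install the AD FS server role.
Install-WindowsFeature -Name ADFS-Federation -IncludeManagementTools

# 2. Pick the SSL certificate: must name the federation service, hold a
#    private key and be unexpired. (A wildcard certificate is not matched
#    by this filter; select it by thumbprint instead.)
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object {
        $_.HasPrivateKey -and
        $_.NotAfter -gt (Get-Date) -and
        ($_.DnsNameList.Unicode -contains $fsName)
    } |
    Sort-Object NotAfter -Descending |
    Select-Object -First 1
if (-not $cert) { throw "No usable certificate found for $fsName" }

# 3. Create the first federation server in a new farm.
#    Omitting -SQLConnectionString selects the Windows Internal Database.
Install-AdfsFarm -CertificateThumbprint $cert.Thumbprint `
    -FederationServiceName $fsName `
    -FederationServiceDisplayName $displayName `
    -ServiceAccountCredential $svcCred

# 4. On Windows Server 2016 and later the IdP-initiated sign-on page is
#    disabled by default; enable it so the browser test can load.
$props = Get-AdfsProperties
if ($props.PSObject.Properties['EnableIdpInitiatedSignonPage'] -and
    -not $props.EnableIdpInitiatedSignonPage) {
    Set-AdfsProperties -EnableIdpInitiatedSignonPage $true
}

# 5. Request the test page (DNS for $fsName must resolve to this server).
$r = Invoke-WebRequest -Uri "https://$fsName/adfs/ls/IdpInitiatedSignOn" -UseBasicParsing
'{0} returned HTTP {1}' -f $fsName, $r.StatusCode
```

If the sign-on page is only needed for this check, set `EnableIdpInitiatedSignonPage` back to `$false` afterwards to keep the exposed surface at its default.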