Skip to Content
Active Directory Cookbook, 4th Edition
book

Active Directory Cookbook, 4th Edition

by Brian Svidergol, Robbie Allen
May 2013
Intermediate to advanced
860 pages
21h 28m
English
O'Reilly Media, Inc.
Content preview from Active Directory Cookbook, 4th Edition

Chapter 19. Active Directory Federation Services

Introduction

Active Directory Federation Services (AD FS) was introduced in Windows Server 2003 R2 as version 1.0, updated for Windows Server 2008 (version 1.1), released as a standalone product in version 2.0, and then updated for Windows Server 2012 (2.1). It is used to allow single sign-on (SSO) capabilities to web applications hosted by multiple organizations without the need to configure an Active Directory trust relationship between them. This task is performed by using AD FS servers to separate the process of authentication (proving who a user is) from that of authorization (specifying what a user can do). AD FS allows this separation by configuring account partners to authenticate users and groups, and then providing claims to resource partners that control the actual access to resources.

This relationship between account partners and resource partners is called a federated trust. This verbiage can sometimes lead to confusion, since it seems to imply that AD FS requires an Active Directory trust relationship to exist between account and resource partners. In this case, the word trust merely refers to a business agreement between two organizations that have agreed to this type of distributed authentication and authorization arrangement. A federated trust refers to a scenario in which the AD FS Federation Service has been properly configured by both the organization that performs user authentication and the organization that controls ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

AirBnbBlueOriginElectronic ArtsHomeDepotNasdaqRakutenTata Consultancy Services

QuotationMarkO’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
QuotationMarkI wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
QuotationMarkI’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
QuotationMarkI'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Mark W.
Embedded Software Engineer

You might also like

Active Directory Cookbook, 3rd Edition

Active Directory Cookbook, 3rd Edition

Laura E. Hunter, Robbie Allen
Active Directory, 4th Edition

Active Directory, 4th Edition

Brian Desmond, Joe Richards, Robbie Allen, Alistair G. Lowe-Norris
Active Directory, 5th Edition

Active Directory, 5th Edition

Brian Desmond, Joe Richards, Robbie Allen, Alistair G. Lowe-Norris

Publisher Resources

ISBN: 9781449361419Errata Page