6.4. Active Directory Federation Services
Active Directory Federation Services (AD FS) provides Internet-based clients a secure identity access solution that works on both Windows and non-Windows operating systems.
Normally when a user from one network tries to access an application in another network, they must have a secondary username and password.
AD FS allows organizations to set up trust relationships between networks and supports single sign-on (SSO), which allows users to access applications on other networks without needing secondary passwords. Security is improved and administrators spend less time resetting passwords when users don't have to remember multiple passwords.
AD FS requires an AD FS server on both ends of the connection. ...