How to configure Active Directory Federation Service


Article: 100038697
Last Published: 2016-03-17
Product(s): Enterprise Vault


Active Directory Federation Services (ADFS) is an application developed by Microsoft that provides users with single sign-on access to systems and applications located across organizational boundaries. It uses a claims-based access-control authorization model to maintain application security and implement federated identity. ADFS can be used in conjunction with Web Application Proxy (WAP). Web Application Proxy provides reverse proxy functionality for web applications within a corporate network. Active Directory Federation Services provides pre-authentication access to those web applications.

1. Launch AD FS and navigate to Relying Party Trusts.

2. Select Add Non-Claims-Aware Relying Party Trust.

3. Enter an appropriate display name.

4. Enter a Non-Claims-Aware Relying Party Trust identifier and press the Add button.
Note: The name of the identifier simply has to be a unique name and can be any non-existent name.

5. Select I do not want to configure multi-factor authentication settings for this relying party trust at this time.

6. Select the Add button on the Issuance Authorization Rules tab.

7. Select Next, and ensure that "Open the Edit Issuance Authorization Rules dialog for this non-claims-aware relying party trust when the wizard closes" is checked. Select Close.

8. Select Add Rule... on the Issuance Authorization Rules tab.

9. Select Permit All Users for the Claim rule template.

10. Select Finish to close the Add Issuance Authorization Claim Rule Wizard and OK to close the Non-Claims-Aware Relying Party window to complete the configuration.
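The same trust can be created and then checked from PowerShell. This is an added example, not part of the original article; it assumes the AD FS PowerShell module on the AD FS server, and the display name and identifier are constructed placeholders.

```powershell
# Added example: scripted equivalent of wizard steps 2-10, plus a review check.
# Run in an elevated PowerShell session on the AD FS server.
Import-Module ADFS

# Constructed placeholder values (assumptions); substitute your own.
$trustName  = 'Enterprise Vault (non-claims-aware)'
$identifier = 'https://ev.example.com/enterprisevault/'

# Authorization rule equivalent to the "Permit All Users" template (step 9).
$permitClaim = 'http://schemas.microsoft.com/authorization/claims/permit'
$permitAll   = '=> issue(Type = "' + $permitClaim + '", Value = "true");'

# Create the trust only if no trust with this display name exists yet.
$existing = Get-AdfsNonClaimsAwareRelyingPartyTrust |
    Where-Object { $_.Name -eq $trustName }

if (-not $existing) {
    # -AdditionalAuthenticationRules is not passed, which matches step 5
    # (no multi-factor authentication configured for this trust).
    Add-AdfsNonClaimsAwareRelyingPartyTrust `
        -Name $trustName `
        -Identifier $identifier `
        -IssuanceAuthorizationRules $permitAll
}

# Confirm what was stored.
Get-AdfsNonClaimsAwareRelyingPartyTrust |
    Where-Object { $_.Name -eq $trustName } |
    Format-List Name, Identifier, Enabled,
                IssuanceAuthorizationRules, AdditionalAuthenticationRules

# Review check: list every non-claims-aware trust that issues the permit
# claim unconditionally and has no additional (MFA) authentication rules,
# i.e. the settings chosen in steps 5 and 9.
Get-AdfsNonClaimsAwareRelyingPartyTrust |
    Where-Object {
        $_.IssuanceAuthorizationRules -match '(?m)^\s*=>\s*issue\(' -and
        $_.IssuanceAuthorizationRules -match [regex]::Escape($permitClaim) -and
        [string]::IsNullOrWhiteSpace($_.AdditionalAuthenticationRules)
    } |
    Select-Object Name, Identifier, Enabled
```

The final query is useful as a periodic inventory of trusts that rely solely on primary authentication with an open authorization rule.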

Once complete, a web application must be published through the Web Application Proxy server to utilize the Active Directory Federation Service Non-Claims-Aware Relying Party Trust.

