Description
Active Directory Federation Services (ADFS) is an application developed by Microsoft that provides users with single sign-on access to systems and applications located across organizational boundaries. It uses a claims-based access-control authorization model to maintain application security and implement federated identity. ADFS can be used in conjunction with Web Application Proxy (WAP). Web Application Proxy provides reverse proxy functionality for web applications within a corporate network. Active Directory Federation Services provides pre-authentication access to those web applications.
1. Launch AD FS and navigate to Relying Party Trusts.
2. Select Add Non-Claims-Aware Relying Party Trust.
3. Enter an appropriate display name.
4. Enter a Non-Claims-Aware Relying Party Trust identifier and press the Add button.
Note: The name of the identifier simply has to be a unique name and can be any non-existent name.
5. Select "I do not want to configure multi-factor authentication settings for this relying party trust at this time."
6. Select the Add button on the Issuance Authorization Rules tab.
7. Select Next, ensure that "Open the Edit Issuance Authorization Rules dialog for this non-claims-aware relying party trust when the wizard closes" is checked. Select Close.
8. Select Add Rule... on the Issuance Authorization Rules tab.
9. Select Permit All Users for the Claim rule template.
10. Select Finish to close the Add Issuance Authorization Claim Rule Wizard and OK to close the Non-Claims-Aware Relying Party window to complete the configuration.
Once complete, a web application must be published through the Web Application Proxy server to utilize the Active Directory Federation Services Non-Claims-Aware Relying Party Trust.
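The wizard steps above can also be scripted and then audited with the AD FS PowerShell module. The following is an added example, not part of the original article: it creates the trust with a rule equivalent to the Permit All Users template and then lists every non-claims-aware trust that carries an unconditional permit rule, so it is clear which published applications accept any authenticated user. The display name and identifier are hypothetical placeholders, and the regular expression is a heuristic written for this example.

```powershell
# Added example: scripted equivalent of wizard steps 1-10, plus a review query.
# Run in an elevated session on the primary AD FS server.
Import-Module ADFS

# Hypothetical placeholder values; replace with your own.
$trustName = 'Example Intranet App'             # display name (step 3)
$trustId   = 'https://example-app.invalid/'     # unique identifier (step 4)

# Rule equivalent to the "Permit All Users" template (steps 8-10):
# it issues the permit claim with no condition, so every user who
# authenticates to AD FS is authorized for this relying party.
$permitClaim = 'http://schemas.microsoft.com/authorization/claims/permit'
$permitAll   = "=> issue(Type = `"$permitClaim`", Value = `"true`");"

# Create the trust only if the identifier is not already in use.
$existing = Get-AdfsNonClaimsAwareRelyingPartyTrust -TargetIdentifier $trustId
if (-not $existing) {
    Add-AdfsNonClaimsAwareRelyingPartyTrust `
        -Name $trustName `
        -Identifier $trustId `
        -IssuanceAuthorizationRules $permitAll
}

# Heuristic: a rule body that starts with "=>" (optionally after the
# @RuleTemplate annotation the wizard adds) has no condition clause.
$unconditional = '(?ms)(^|@RuleTemplate\s*=\s*"[^"]*")\s*=>\s*issue\(Type\s*=\s*"' +
                 [regex]::Escape($permitClaim) + '"'

# Review: which non-claims-aware trusts permit all authenticated users?
Get-AdfsNonClaimsAwareRelyingPartyTrust |
    Select-Object Name, Enabled,
        @{ Name = 'Identifiers';     Expression = { $_.Identifier -join ', ' } },
        @{ Name = 'PermitsAllUsers'; Expression = {
               [bool]($_.IssuanceAuthorizationRules -match $unconditional) } } |
    Sort-Object -Property PermitsAllUsers -Descending |
    Format-Table -AutoSize
```

Trusts reported with PermitsAllUsers set to True rely entirely on AD FS authentication for pre-authentication; where access should be narrower, replace the rule with one conditioned on a group or other claim.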