ADFS
https://mizitechinfo.wordpress.com/2015/01/08/simple-step-install-configure-adfs-in-windows-server-2012-r2/
4 – On the Specify Service Account interface, click Use an existing domain user account or
group Managed Service Account, choose the adfs user that you created previously, and then click
Next…
9 – To verify the ADFS functionality, log in to the Windows 8.1 client PC as an AD user, then open IE and
type https://adfs.adatum.com/federationmetadata/2007-06/federationmetadata.xml, and then verify
that the file loads successfully…
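Step 9 only confirms that the metadata file loads. As an added example (not part of the original guide), the Python below goes one step further on a saved copy of the file: it reads the entity ID, computes the SHA-1 thumbprint of each signing certificate so it can be compared with the thumbprint shown in AD FS Management, and lists any endpoint not served over HTTPS. The sample document, its entity ID, the placeholder certificate bytes and the function name `inspect_metadata` are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: placeholder bytes stand in for the DER certificate, and
# one endpoint is deliberately plain HTTP so the check has something to find.
SAMPLE_CERT_B64 = base64.b64encode(b"constructed-placeholder-not-a-real-certificate").decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="http://adfs.adatum.com/adfs/services/trust">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing">
      <ds:KeyInfo><ds:X509Data>
        <ds:X509Certificate>{SAMPLE_CERT_B64}</ds:X509Certificate>
      </ds:X509Data></ds:KeyInfo>
    </KeyDescriptor>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://adfs.adatum.com/adfs/ls/"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="http://adfs.adatum.com/adfs/ls/"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""


def inspect_metadata(xml_text):
    """Return entity ID, signing-cert SHA-1 thumbprints and non-HTTPS endpoints."""
    if "<!DOCTYPE" in xml_text:  # metadata never needs a DTD; refuse entity tricks
        raise ValueError("DOCTYPE not allowed in federation metadata")
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{NS['md']}}}EntityDescriptor":
        raise ValueError("not a federation metadata document")
    thumbprints = []
    for key in root.iterfind(".//md:KeyDescriptor[@use='signing']", NS):
        for cert in key.iterfind(".//ds:X509Certificate", NS):
            der = base64.b64decode("".join(cert.text.split()))
            thumbprints.append(hashlib.sha1(der).hexdigest().upper())
    insecure = [el.get("Location") for el in root.iter()
                if el.get("Location") and not el.get("Location").lower().startswith("https://")]
    return {"entity_id": root.get("entityID"),
            "signing_thumbprints": thumbprints,
            "insecure_endpoints": insecure}


if __name__ == "__main__":
    print(inspect_metadata(SAMPLE_METADATA))
```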
4th – Configure a certificate for the application
1 – Now switch to the SVR1 server, open Internet Information Services (IIS) Manager, and then
open Server Certificates…
6 – On the Online Certification Authority interface, in the Friendly name box, type Adatum
Apps Certificate, and then click Finish…
7 – In IIS Manager, expand Sites, click Default Web Site, and then click Bindings…
1 – Switch to the DC1 server, open AD FS Management, expand Trust Relationships, and then
click Claims Provider Trusts. In the middle pane, right-click Active Directory, and then click
Edit Claim Rules…
2 – In the Edit Claim Rules for Active Directory interface, on the Acceptance Transform Rules tab,
click Add Rule…
3 – In the Claim rule template box, select Send LDAP Attributes as Claims, and then click Next…
4 – On the Configure Rule interface, in the Claim rule name box, type Outbound LDAP Rule,
then in the Attribute Store drop-down list, select Active Directory.
** In the Mapping of LDAP attributes to outgoing claim types section, select the following
values and then click Finish:
5 – Then click OK…
6th – Configure the application to trust incoming claims
2 – On the Welcome to the Federation Utility Wizard interface, in the Application
configuration location box, type C:\inetpub\wwwroot\AdatumTestApp\web.config for the
location of the sample web.config file…
4 – On the STS signing certificate chain validation error interface, click Disable certificate
chain validation, and then click Next…
https://blog.auth360.net/2013/09/13/first-impressions-ad-fs-and-windows-server-2012-r2-part-i/