Active Directory Federation Services is a single sign-on technology that authenticates a user for multiple Web applications over the course of a single session. This federated identity management functionality, which was introduced in Windows Server 2003 and is now in its second version for Windows Server 2008 R2, has become increasingly important as IT shops begin to run more and more applications in the cloud. These five quick links help explain ADFS and how it can be used to increase efficiency and security in your organization.
Find out more about identity and access management on our topic page.
An intro to Active Directory Federation Services
ADFS allows authenticated users to access multiple systems and applications during a single
session, which offers significant security benefits for administrators. Read on to learn about how
the various pieces fit together.
AD Federation Services 2.0 extends single sign-on to cloud-based apps
The updated version of ADFS cuts down on the number of login credentials required for users, and
could be an important piece of the cloud security puzzle.
ADFS and WIM work together to drive claims-based access for Windows
By using a combination of ADFS 2.0 and Windows Identity Foundation, administrators and developers
can work together to provide single sign-on access within an organization, across business
partnerships and in the cloud.
Active Directory Federation Services makes cloud-based identity management simpler
Cloud-based identity management presents many challenges for administrators, but ADFS addresses
them by providing a means for managing online identities across multiple applications. Here's why
companies will want to pay more attention to the feature.
Communication is key for ADFS authentication to work as advertised
Communication among various enterprises with unrelated IT systems across corporate boundaries is
the key to federated identity management systems like ADFS. These systems can only play with each
other if they all abide by an independent set of standards -- agreed on by all members of the
system -- for communicating authentication information to each other.
This was first published in August 2011