AD Federation Services 2.0 drops with added cloud support

The updated version of Microsoft's claims-based identity software has single sign-on capabilities for apps both on-premise and in the cloud.

This Content Component encountered an error

A new identity management release could represent a major piece to the cloud security puzzle – or at least encourage more organizations to make the move.

Microsoft shipped Active Directory Federation Services (AD FS) 2.0 to the Web this week, a major update to the company's claims-based identity management software.

Originally released with Windows Server 2003 R2, AD Federation Services is an Active Directory extension designed to give authenticated users access to multiple systems and applications during a single session. The 2.0 release builds on the software's claims-based identity model by allowing user access to apps in various locations using Active Directory authentication. New features promise to cut down on the number of log in credentials required for users working in both heterogeneous environments and across company partnerships.

More on AD FS and
identity management

New identity management software takes the heat off of IT

AD Federation Services drives claims-based identity for Windows

AD Federation Services 2.0 also extends its single sign-on capabilities to cloud-based applications. These apps can be hosted through Windows Azure or other cloud providers such as Salesforce.com or Google Apps.

Laura E. Hunter, a Microsoft MVP for Directory Services and principal with LHA Consulting Inc. out of Philadelphia, said AD FS 2.0 could be a major step toward answering questions about cloud security. "From the standpoint of encouraging organizations to move to the cloud, I think [AD FS 2.0] provides a major win," she said.

Hunter added that since AD FS 2.0 lets users authenticate to cloud providers using Active Directory credentials, those cloud permissions are terminated as soon as such Active Directory accounts are disabled. This should mean less work for administrators, as AD FS allows them to revoke a user's permissions to all applications -- both on-premise and in the cloud – with one fell swoop, she said.

Other features of AD Federation Services 2.0 include integration with Microsoft SharePoint 2010 and support for WS-* and SAML protocols. As with AD FS 1.0, the software can also be managed and deployed through Microsoft's Server Manager feature as a Windows Server role.

AD Federation Services was originally one-third of the company's Geneva framework, along with Windows Identity Foundation (WIF) and Windows CardSpace. Microsoft released WIF at the Professional Developers Conference (PDC) in November 2010 as a free download. It allows developers to create and manage applications that can process claims generated by AD FS or other federation servers. As for CardSpace, the company's information card technology, the 2.0 version was recently delayed with no projected timetable.

Active Directory Federation Services 2.0 is currently available for download with systems running various editions of Windows Server 2008 or Server 2008 R2.

Find more news and information AD security and other Active Directory topics for Windows.

This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close