Active Directory Federation Services
-
sexta-feira, 7 de setembro de 2012 07:38
Hi,
We are having three security zones in our network which are mentioned below. We have Domain Controllers in LAN and SZ2 zones at present. We have a requirement that there will be Sharepoint application server in SZ1 zone and that should authenticate users based on their AD credentials. As per security concerns we cannot open AD authentication ports between SZ1 and SZ2 zone.
We are planning to use ADFS in SZ1 zone which will send authenticate the users using the DC in SZ2 Zone.
I need help in designing the same and what all components I would require.
- What is the port requirement for ADFS talking to AD
- Do I need to place a ADFS Server in SZ1 as well as SZ2 also.
- How will Sharepoint Authenticate using AD when it is not joined to Domain.
Please suggest how to move forward with this.
Security Zones
DMZ(Internet Facing Zone)
==================Firewall===================
SecureZone1 (SZ1)
=================Firewall====================
Secure Zone2 (SZ2)
=================Firewall====================
LAN
Todas as Respostas
-
sexta-feira, 7 de setembro de 2012 07:55
This seems to be more suitable for AD FS forum:http://social.msdn.microsoft.com/Forums/en/Geneva/
And the Sharepoint forum might be also helpful http://social.technet.microsoft.com/Forums/en-US/category/sharepoint2010
Active Directory Firewall Ports - Let's Try To Make This Simple
http://msmvps.com/blogs/acefekay/archive/2011/11/01/active-directory-firewall-ports-let-s-try-to-make-this-simple.aspx
Best Regards,
Sandesh Dubey.
MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator | My Blog
Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
- Editado Sandesh DubeyMicrosoft Community Contributor sexta-feira, 7 de setembro de 2012 08:03
- Sugerido como Resposta Abhijit WaikarMicrosoft Community Contributor sexta-feira, 7 de setembro de 2012 09:22
- Marcado como Resposta K_evin ZhuMicrosoft Contingent Staff, Moderator segunda-feira, 10 de setembro de 2012 05:17
-
sexta-feira, 7 de setembro de 2012 08:58Moderador
Its better to post this thread into the ADFS forum.
http://social.msdn.microsoft.com/Forums/en/Geneva/threads
Awinish Vishwakarma - MVP
My Blog: awinish.wordpress.com
Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights.
- Editado AwinishMVP, Moderator sexta-feira, 7 de setembro de 2012 08:58
.png)
