This Active Directory Federation Services wiki page is intended to act as a content map for all members of the
AD FS community. Members of the AD FS product team will occasionally monitor this article and post new links as necessary. We would like to enlist your help in adding useful links to this article in order to make hot AD FS
topics and solutions more discoverable to the overall community. (Note that several of the links provided on this page are to community-created content that is external to TechNet Wiki.)
The following TOC list can be used to help you quickly jump to the relevant content category that is most applicable to your
AD FS documentation needs.
Table of Contents Learn about AD FS 2.0 Introduction to AD FSAbout Claims and Claim RulesAbout Claims-Based Identity & Applications Research AD
FS 2.0 Solutions Integration with Microsoft Cloud Products Office 365Windows Azure Applications PlatformWindows Azure Appfabric Access Control Services (ACS) Integration with Microsoft On-Premises Products Active Directory Domain Services (AD DS)Active Directory Rights Management Services (AD RMS)Exchange Server 2010Forefront Identity Manager (FIM)Forefront UAGMicrosoft Dynamics NAV 2013Microsoft Dynamics CRM 2011SharePoint Server 2007 & Windows SharePoint Services 3.0SharePoint Foundation 2010SharePoint Server 2010Windows Identity Foundation (WIF) Interoperability with Non-Microsoft Products Interop Setup GuidanceInterop Test Lab Step-by-Step Guides Case Studies Microsoft IT Design and Deploy AD FS 2.0 Plan and DesignDeploy Manage AD FS 2.0 CertificatesFederation ServerFederation Server ProxyFederation ServiceMonitoringOffice 365PowerShellSecuritySign-in / Sign-outTrusts Troubleshoot AD
FS 2.0 Authentication / AuthorizationBrowser Client ErrorsCertificatesFederation Server ProxyFederation ServiceForeFront UAGInstallation / SetupLogging / TracingOffice 365Trusts QFEs
Related to AD FS 2.0Additional AD FS 2.0 References Developer ReferencesSoftware DownloadsRelated Microsoft ProductsRelated Open Standards Community Resources ForumsBlogsFeeds
Overview of AD FS 2.0
Wow, this is very in depth! Great job, Nick!
Very cool! thanks!
The article "Forefront UAG and ADFS: Better together" above refers to ADFS 1.0 not 2.0.
•Requires agents to be incorporated into the web application – unless using Token agent.
ADFS v2.0 does not have agents
•ADLDS or Active Directory can be used as the account store.
ADFS v2.0 only allows ADDS not ADLDS
Awesome ADFS reference - thanks very much.
The best ADFS reference out there!
I'm surprised there is no information in regards to managing Relying Party Trust certificates. When you have numerous RPs, each with their own certificates and expiration dates, being able to quickly and easily see this information is important to business.
Is there a way to list all of the expiration dates of the Relying Party Trust certificates?
Powershell can list the Relying Party Trust information by using the get-adfsrelyingpartytrust. The certificate information is under the EncryptionCertificate portion, but the EncryptionCertificate info cannot specifically be queried by itself to show only the expiration dates of all the servers.
The closest thing I have been able to come up with is this command:
Get-ADFSRelyingPartyTrust | Format-List Name, EncryptionCertificate
However, this still shows too much information and it is not something that can be easily exported to a CSV file to have a column specifically for expiration date in order to easily manage and see expiring certificates for our clients (in order to be proactive).
I have scoured the web and cannot find one thing remotely close to this. I'm surprised no other organizations have requested this information.
I've increased readability of this article.
Is there anybody at MS that knows how to create a Word document?
deep study, thanks for sharing!
Excellent one !!!