locked
ADFS for Single Sign-on RRS feed

  • Question

  • Hi,

    can ADFS provide singe sign-on for on-premises services? following is my scenario:

    I have 3 separate domains in a forest - A, B and C.

    domain A and B trust C.

    i wanted to install Exchange organisation in domain C to serve all users in domain A and B.

    I want the users to use single user name and password for both login on to their domains and accessing emails.

    what is the best solution to achieve this? 

    thanks in advance.

    Sunday, November 19, 2017 6:26 PM

All replies

  • I am note sure how ADFS enters in the game here. If all your domain are trusting each other at the ADDS level, you already have SSO with the Windows Integrated Auth. Can you detail a bit more the domain structures and trusts?

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Sunday, November 19, 2017 7:37 PM
  • Sorry, My bad.

    The scenario is as follows:

    Three separate forest (forest A, B and C)

    Users are in forest A and forest B. A new forest (forest C) will be created to host exchange services.

    No trust relationships -  All users from A and B will be authenticating to their respective domain to logon to their desktop systems, and will use email service from forest C.

    The objective is - users should use single username and password for logon as well as to accessing email service.

    Monday, November 20, 2017 7:14 AM
  • I don't think this is doable from an Exchange perspective... It's more of an Exchange question I'm afraid.

    I'll let the other chime in if they have any insights.


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, November 21, 2017 1:26 AM
  • yes it is :)

    This is the current claims documentation:

    https://technet.microsoft.com/en-us/library/dn635116(v=exchg.160).aspx 


    Cheers,

    Rhoderick

    Microsoft Senior Exchange PFE

    Blog: http://blogs.technet.com/rmilne  Twitter:   LinkedIn:   Facebook:   XING:

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, November 21, 2017 4:33 PM