WID vs SQL Server for ADFS

  • Question

  • We are working on federated authentication for our SharePoint 2010 and will be installing ADFS on Windows Server 2012 R2.  We will be using SAML authentication.  We are having some delays related to obtaining a SQL Server license, so my question is: can we use Windows Internal Database (WID) for this?  From my research, it looks like using WID will cause the following 2 features not to be available:

    - SAML artifact resolution

    - SAML/WS-Federation token replay detection feature

    Is the support for these two features important in SharePoint?  That is, can we use WID or do we have to install SQL Server?

    Thanks,

    Friday, January 15, 2016 7:07 PM

Answers

  • Hello,

    Using WID for ADFS 3.0 is working pretty well with SharePoint!

    SAML authentication will also work as expected... Don't say SAML authentication won't work... it is designed to.

    SAML artifact resolution is not needed for SharePoint:
    "This feature is not required for Microsoft Online Services, Microsoft Office 365, Microsoft Exchange, or Microsoft Office SharePoint scenarios." https://technet.microsoft.com/en-in/library/gg982489.aspx

    The token replay detection is mandatory and provides additional security. It needs to be configured manually within SharePoint.
    https://technet.microsoft.com/en-us/library/ff607753%28v=office.14%29.aspx

    Go ahead with WID until you have the SQL Server licence, and keep in mind that if your primary server in the farm is failing, you can't update the configuration until you switch the primary server to another one.

     
    Friday, January 15, 2016 11:24 PM
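
The primary switch mentioned in the answer above, as an added example that is not part of the original thread: a script to run on each surviving node of a WID-based AD FS farm, using the `Get-AdfsSyncProperties` and `Set-AdfsSyncProperties` cmdlets. The host name `adfs02.example.test` is a placeholder assumption for the node being promoted.

```powershell
# Added example, not from the original thread.
# Run in an elevated PowerShell session on every node of the WID farm,
# starting with the node that is to become the new primary.
param(
    # Placeholder FQDN (assumption): the node that takes over as primary.
    [string]$NewPrimary = 'adfs02.example.test'
)

# FQDN of the machine this script is running on.
$localFqdn = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName
$current   = Get-AdfsSyncProperties

if ($localFqdn -ieq $NewPrimary) {
    # This node holds the writable copy of the configuration from now on.
    if ($current.Role -ne 'PrimaryComputer') {
        Set-AdfsSyncProperties -Role PrimaryComputer
    }
}
else {
    # Every other node, including the old primary once it is back online,
    # must pull from the new primary. Leaving the old primary in the
    # PrimaryComputer role gives the farm two writable configurations.
    Set-AdfsSyncProperties -Role SecondaryComputer -PrimaryComputerName $NewPrimary
}

# Confirm the resulting role; on a secondary this also shows the sync status.
Get-AdfsSyncProperties | Format-List *
```

On a secondary, check `LastSyncStatus` and `LastSyncTime` in the output after the next poll interval to confirm it is replicating from the new primary.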

All replies

  • Yes, you can use WID for ADFS configuration, but you are right that the above features won't work with WID as these are part of SQL.

    Using WID, your SAML authentication won't work.

    Follow below for reference:

    https://technet.microsoft.com/en-in/library/ee913581.aspx

    -----------------------------------------------------------------------------------

    Mark as Answer if this helps You!

    Thanks,

    Mayank Dhama

    Friday, January 15, 2016 7:18 PM