ADFS 2016 and proxy installation and configuration

One, ADFS installation tutorial

Precautions:

1, ADFS depends on a domain environment, i.e. Active Directory Domain Services (AD DS); installing AD DS also installs the DNS service. Do not install AD DS and ADFS on the same server, so that each is easier to manage and maintain. In addition, use a standard-format domain name such as "mycompany.com" and not "mycompany.local", because a public SSL certificate cannot be issued for the latter.

2, The server where ADFS is installed must be joined to the domain; otherwise ADFS cannot communicate with AD.

3, You must use an SSL certificate, and it must be a publicly trusted certificate, otherwise external network access will have trust issues. A wildcard certificate such as "*.mycompany.com" can be used; the ADFS service name (Federation Service Name) can then be defined as adfs.mycompany.com, sso.mycompany.com and so on, as long as the subdomain name resolves correctly (configure the intranet DNS to resolve it). If you use an SSL certificate issued for the subdomain "sso.mycompany.com", the ADFS service name (Federation Service Name) must be consistent with it, that is, "sso.mycompany.com".

4, After installation and configuration are complete, test from the intranet (because the name is resolved by the intranet DNS): https://sso.mycompany.com/adfs/ls/idpinitiatedSignOn.aspx

If you cannot access it, use PowerShell:

- Check whether the sign-on page is enabled:

PS> (Get-AdfsProperties).EnableIdPInitiatedSignonPage

If it returns "False", enable it:

PS> Set-AdfsProperties -EnableIdPInitiatedSignonPage $true

Guide link (covers two steps: installation and configuration):

https://www.virtuallyboring.com/how-to-setup-microsoft-active-directory-federation-services-adfs/
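
The precautions and the step 4 check above can be verified from PowerShell on the ADFS server. The following is an added example, not code from the original post or the linked guide; the helper name Test-CertNameCoversHost is hypothetical, and it assumes the bound certificate is in the LocalMachine\My store.

```powershell
# Added example, not from the original post. Run on the ADFS server, elevated.
# Test-CertNameCoversHost is a hypothetical helper name.

# A wildcard covers exactly one left-most label: "*.mycompany.com" covers
# "sso.mycompany.com" but not "a.sso.mycompany.com" or "mycompany.com".
function Test-CertNameCoversHost {
    param([string]$CertName, [string]$HostName)
    $c = $CertName.Trim().ToLowerInvariant()
    $h = $HostName.Trim().TrimEnd('.').ToLowerInvariant()
    if ($c.StartsWith('*.')) {
        $suffix = $c.Substring(1)                       # e.g. ".mycompany.com"
        if (-not $h.EndsWith($suffix)) { return $false }
        $label = $h.Substring(0, $h.Length - $suffix.Length)
        return ($label.Length -gt 0 -and -not $label.Contains('.'))
    }
    return ($c -eq $h)
}

$props  = Get-AdfsProperties
$fsName = $props.HostName                               # Federation Service Name

# Precaution 1: no public certificate can be issued for a ".local" name.
if ($fsName -like '*.local') {
    Write-Warning "$fsName ends in .local; a public SSL certificate cannot be issued for it."
}

# Precaution 3: the certificate bound to the service name must cover that name.
foreach ($b in Get-AdfsSslCertificate | Where-Object { $_.HostName -eq $fsName }) {
    $cert = Get-Item "Cert:\LocalMachine\My\$($b.CertificateHash)" -ErrorAction SilentlyContinue
    if (-not $cert) { Write-Warning "Bound certificate $($b.CertificateHash) is not in LocalMachine\My"; continue }
    $names = @($cert.DnsNameList | ForEach-Object { $_.Unicode })
    $ok = @($names | Where-Object { Test-CertNameCoversHost $_ $fsName }).Count -gt 0
    '{0}:{1} cert names [{2}] cover {3}: {4}' -f $b.HostName, $b.PortNumber, ($names -join ', '), $fsName, $ok
}

# Step 4: the name must resolve (intranet DNS) and the sign-on page must be enabled.
if (-not (Resolve-DnsName -Name $fsName -ErrorAction SilentlyContinue)) {
    Write-Warning "$fsName does not resolve from this server; check the intranet DNS record."
}
if (-not $props.EnableIdPInitiatedSignonPage) {
    Write-Warning 'EnableIdPInitiatedSignonPage is False; /adfs/ls/idpinitiatedSignOn.aspx will not load.'
}
```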

 

Two, ADFS Proxy (Web Application Proxy) Installation Guide

ADFS sits on the internal network and, for security reasons, is usually not exposed directly to clients on the external network; external access is typically carried out indirectly through the ADFS proxy.

Precautions:

1, Do not deploy ADFS and the proxy on the same server.

2, Do not join the proxy server to the domain, but it must be able to reach the ADFS server.

3, The proxy can use the same certificate as ADFS.

4, Because the communication is over SSL, a domain name is required. Configure the external network DNS to point to this server (sample domain https://sso.mycompany.com).

Tutorial link (covers three steps: proxy installation, configuration and publishing):

http://www.mistercloudtech.com/2015/11/25/how-to-install-and-configure-web-application-proxy-for-adfs/

5, After publishing is complete, test from the extranet (from outside the corporate network, so that the request reaches the proxy server):

https://sso.mycompany.com/adfs/ls/idpinitiatedSignOn.aspx

Origin www.cnblogs.com/imust2008/p/11229381.html