• Home
• All trainings
• Training MS Office
• Implementing Active Directory Federation Services 2.0

Training Implementing Active Directory Federation Services 2.0 - 4 days

Class overview :

Class goals :

On completion of this training course, delegates should be able to:

• Define key concepts and terminology relating to Active Directory Federation Services 2.0
• Install and configure Windows prerequisites for AD FS 2.0
• Install and configure Public Key Infrastructure (PKI) for AD FS 2.0
• Deploy AD FS 2.0 to provide claims-aware authentication in a single organization
• Configure AD FS 2.0 to provide claims-aware authentication in a business-to-business federation
• Design and deploy advanced AD FS 2.0 scenarios, including providing for high availability and SAML interoperability
• Use the AD FS 2.0 claims rule language to create custom claim rules
• Troubleshoot AD FS 2.0

Content of Implementing Active Directory Federation Services 2.0

Introducing Claims-based Identity

This module explains how to recognize AD FS terminology and common use cases for AD FS 2.0.

• Introducing the Identity Metasystem
• Existing Solutions for Managing Identities
• The Benefits of Claims-based Identity
• The Evolution of AD FS
• Use Cases for AD FS
• AD FS and Claims-based Terminology
• Lab: Familiarizing Yourself with the Lab Environment
  • Accessing Servers Using Hyper-V
  • Accessing Servers Using Remote Desktop

AD FS Prerequisites

This module explains how to configure Windows prerequisites for AD FS 2.0, including Windows Server and Internet Information Services (IIS). This module also explains how AD FS 2.0 utilizes Web services to achieve interoperability.

• Windows Prerequisites
• Introducing Directory Services
• Active Directory and Active Directory Lightweight Directory Services
• Web Services, Standards, and Interoperability
• Internet Information Services
• Lab: Installing Windows Prerequisites for AD FS 2.0
  • Configuring DNS Forwarders
  • Configure a Sample WIF Application

Public Key Infrastructure (PKI)

This module explains how to install and configure the Public Key Infrastructure (PKI) requirements necessary to deploy AD FS 2.0.

• Introducing the Public Key Infrastructure
• PKI Basics
• Introduction to Cryptography
• PKI Design
• Installing and Configuring Certificate Services
• Lab: Installing and Configuring a Public Key Infrastructure (PKI)
  • Installing and Configuring an Enterprise Root CA in the A. Datum Active Directory
  • Configure an SSL Certificate for the Web Server
  • Import Certificates in the Necessary Locations

AD FS 2.0 Components

This module explains how to install and configure the Windows Identity Foundation (WIF), and how to install the ADFS 2.0 service in the federation server role.

• The Federation Server Role
• Claims Types, Endpoints, and Attribute Stores
• AD FS Security
• The Federation Server Proxy Role
• Administering AD FS
• Windows Identity Foundation
• Lab: Installing AD FS Server
  • Installing AD FS on ADATUM-DC1
  • Installing AD FS on CONTOSO-DC1

Claims-based Authentication in a Single Organization

This module explains how to design and deploy AD FS 2.0 to provide claims-based authentication within a single organization.

• Preparing for AD FS in a Single Organization
• AD FS Within a Single Organization
• Understanding Claims and Claim Types
• Claim Rules and Claim Rule Templates
• Creating Claim Rules from Templates
• Configuring AD FS in a Single Organization
• Lab: Configuring Claims-based Authentication in a Single Organization
  • Prepare CONTOSO-DC1 with Certificates and Claim Rules
  • Configure the Sample WIF SDK Application Using FedUtil.exe
  • Configure a Relying Party Trust to the WIF SDK Sample Application
  • Configuring Claims-aware Access to SharePoint 2010

Claims-based Authentication in a Business-to-Business Federation

This module explains how to design and deploy AD FS 2.0 to provide claims-based authentication in a business-to-business federation scenario.

• Deploying AD FS in a Federated Environment
• Configuring a Claims Provider Trust
• Understanding Home Realm Discovery
• Managing Claims Across Organizations
• Lab: Configuring Claims-based Authentication in a Business-to-Business Federation
  • Configure the WIF Sample Application for B2B Federated WebSSO
  • Configure SharePoint 2010 for Federated WebSSO Access

Advanced AD FS Deployment Scenarios

This module explains how to deploy an AD FS server as a federation server proxy. It also explains how to design an AD FS deployment to create a high-availability configuration, and how to configure AD FS 2.0 to achieve interoperability with SAML 2.0-compatible products and applications.

• Implementing the Federation Server Proxy
• Planning for High Availability
• Additional AD FS Configuration Scenarios
• AD FS 2.0 and SAML Interoperability
• Lab: Advanced AD FS Deployment Scenarios
  • Install and Configure the AD FS Proxy
  • Install and Configure an AD LDS Attribute Store

The AD FS Claims Rule Language

This module explains how to configure custom AD FS claim rules using the AD FS 2.0 claim rule language.

• Reviewing the Claims Pipelineand Claims Engine
• Introducing the Claims Rule Language
• Lab: The AD FS Claims Rule Language
  • Create Rules Using the Claim Rule Language
  • Query an AD FS Attribute Store

AD FS Troubleshooting

This module explains how to audit, troubleshoot, and trace AD FS 2.0 components and claims-aware applications, at both the server and client level.

• Configuring Auditing for AD FS
• AD FS Troubleshooting
• Tracing AD FS Traffic
• Lab: AD FS Troubleshooting
  • View AD FS Troubleshooting Information
  • View AD FS Web Browser Traffic