(0) exportieren Drucken
Alle erweitern

Checklist: Implementing a Federated Web SSO with Forest Trust Design

Letzte Aktualisierung: Dezember 2006

Betrifft: Windows Server 2003 R2

This parent checklist includes cross-reference links to important concepts about the Federated Web Single-Sign-On (SSO) with Forest Trust design. It also contains links to subordinate checklists that will help you complete the tasks that are required to implement this design.

noteHinweis
Complete the tasks in this checklist in order. When a reference link takes you to a conceptual topic or to a subordinate checklist, return to this topic after you review the conceptual topic or you complete the tasks in the subordinate checklist so that you can proceed with the remaining tasks in this checklist.

Prüfliste Checklist: Implementing a Federated Web SSO with Forest Trust Design

 

  Task Reference
Kontrollkästchen

Review important concepts and examples for the Federated Web SSO with Forest Trust design and determine which Active Directory Federation Services (ADFS) deployment goals you can use to customize this design to meet the needs of your organization.

Konzeptionsthema Federated Web SSO with Forest Trust design

Konzeptionsthema Federated Web SSO with Forest Trust example

Konzeptionsthema Identifying Your ADFS Deployment Goals

Kontrollkästchen

Review the requirements for enabling the Federated Web SSO with Forest Trust design in both the account partner organization and the resource partner organization.

Konzeptionsthema When to enable Windows trusts

Kontrollkästchen

Review the hardware, software, certificate, Domain Name System (DNS), account store, and client requirements for deploying ADFS in both partner organizations.

Konzeptionsthema Appendix A: Reviewing ADFS Requirements

Kontrollkästchen

According to your design plan, install one or more federation servers in each partner organization.

noteHinweis
The Federated Web SSO with Forest Trust design requires at least one federation server in the account partner and at least one federation server in the resource partner.

Prüflistenthema Checklist: Installing a federation server

Kontrollkästchen

(Optional) Determine whether or not your organization needs a federation server proxy. If your design plan calls for a federation server proxy, you can install one or more federation server proxies in each partner organization.

Prüflistenthema Checklist: Installing a federation server proxy

Kontrollkästchen

If you are an administrator in the resource partner organization, install one or more ADFS-enabled Web servers to host your preferred federated application using the appropriate ADFS Web Agent.

noteHinweis
The account partner administrator does not have to complete the following checklist.

Prüflistenthema Checklist: Installing an ADFS-enabled Web server

Kontrollkästchen

According to your design plan, share certificates, configure clients, and configure the Federation Service in both partner organizations so that they can communicate over a federation trust.

Prüflistenthema Checklist: Configuring the account partner organization

Prüflistenthema Checklist: Configuring the resource partner organization

Kontrollkästchen

To enable the Federated Web SSO with Forest Trust scenario, complete the appropriate procedure in the account Federation Service and in the resource Federation Service.

noteHinweis
You must enable the Windows trust option in both the account Federation Service and in the resource Federation Service. If only one partner has this option enabled, this design will not function.

Thema Vorgehensweise Configure an account partner to use Windows trust

Thema Vorgehensweise Configure a resource partner to use Windows trust

Kontrollkästchen

If you are an administrator in the resource partner organization, install either a claims-aware application or a Windows NT token-based application, or both, using the appropriate checklist.

noteHinweis
The account partner administrator does not have to complete either of the following checklists.

Prüflistenthema Checklist: Installing a claims-aware application

Prüflistenthema Checklist: Installing a Windows NT token-based application

Fanden Sie dies hilfreich?
(1500 verbleibende Zeichen)
Vielen Dank für Ihr Feedback.

Community-Beiträge

HINZUFÜGEN
Anzeigen:
© 2014 Microsoft