Export (0) Print
Expand All

Checklist: Implementing a Web SSO Design

Updated: January 31, 2008

Applies To: Windows Server 2008

This parent checklist includes cross-reference links to important concepts about the Web Single-Sign-On (SSO) design. It also contains links to subordinate checklists that will help you complete the tasks that are required to implement this design.

noteNote
Complete the tasks in this checklist in order. When a reference link takes you to a conceptual topic or to a subordinate checklist, return to this topic after you review the conceptual topic or complete the tasks in the subordinate checklist so that you can proceed with the remaining tasks in this checklist.

Checklist Checklist: Implementing a Web SSO Design

 

  Task Reference
Checkbox

Review important concepts and examples for the Web SSO design and determine which Active Directory Federation Services (AD FS) deployment goals you can use to customize this design to meet the needs of your organization.

noteNote
The Web SSO design does not require that you set up partners in the Federation Service.

Conceptual topic Web SSO Design

Conceptual topic Federated Web SSO Example

Conceptual topic Identifying Your AD FS Deployment Goals

Checkbox

Review the hardware, software, certificate, Domain Name System (DNS), account store, and client requirements for deploying AD FS in your organization.

Conceptual topic Appendix A: Reviewing AD FS Requirements

Checkbox

According to your design plan, install one or more federation servers in the corporate network or in the perimeter network.

noteNote
The Web SSO design requires only one federation server to function successfully. A single federation server acts in both the account partner role and the resource partner role.

Checklist topic Checklist: Installing a Federation Server

Checkbox

(Optional) Determine whether or not your organization needs a federation server proxy in the perimeter network.

Checklist topic Checklist: Installing a Federation Server Proxy

Checkbox

Install one or more AD FS-enabled Web servers to host your preferred federated application using the appropriate AD FS Web Agent.

noteNote
The Web SSO design requires at least one AD FS-enabled Web server.

Checklist topic Checklist: Installing an AD FS-Enabled Web Server

Checkbox

Depending on your Web SSO design plan and how you intend to use it, install either an Active Directory Domain Services (AD DS) account store or an Active Directory Lightweight Directory Services (AD LDS) account store in the Federation Service.

Checklist topic Checklist: Configuring the Account Partner Organization

Checkbox

For SSO, incoming claims must be associated with organization group claims or custom claims that reside in the Federation Service.

Procedure topic Create an Organization Group Claim or Custom Claim

Checkbox

If you are an administrator in the resource partner organization, install either a claims-aware application or a Windows NT token–based application, or both, using the appropriate checklist.

noteNote
The account partner administrator does not have to complete either of the following checklists.

Checklist topic Checklist: Installing a Claims-Aware Application

Checklist topic Checklist: Installing a Windows NT Token-Based Application

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft