Export (0) Print
Expand All

Checklist: Installing a federation server

Updated: December 15, 2006

Applies To: Windows Server 2003 R2

This checklist includes the deployment tasks necessary to prepare a server running Windows Server 2003 R2, Enterprise Edition, for the Active Directory Federation Services (ADFS) federation server role.

noteNote
Complete the tasks in this checklist in order. When a reference link takes you to a procedure, return to this topic after you complete the steps in that procedure so that you can proceed with the remaining tasks in this checklist.

Checklist Checklist: Installing a federation server

 

  Task Reference
Checkbox

Review information in the Active Directory Federation Services Design Guide about where to place federation servers in your organization

Conceptual topic Planning Federation Server Placement

Conceptual topic Where to place a federation server

Checkbox

Use the information in the Active Directory Federation Services Design Guide to determine whether a single federation server or federation server farm is preferred for your deployment.

Conceptual topic When to create a federation server

Conceptual topic When to create a federation server farm

Checkbox

Use the information in the Active Directory Federation Services Design Guide to determine whether this new federation server will be created in the account partner organization or the resource partner organization.

Conceptual topic Review the role of the federation server in the account partner organization

Conceptual topic Review the role of the federation server in the resource partner organization

Checkbox

Review information in the Active Directory Federation Services Design Guide about how federation servers use server authentication certificates and token-signing certificates to securely authenticate client and federation server proxy requests.

Conceptual topic Certificate requirements for federation servers

Checkbox

Review information in the Active Directory Federation Services Design Guide about how to update the corporate network Domain Name System (DNS) so that successful name resolution to federation servers can occur.

Conceptual topic Name resolution requirements for federation servers

Checkbox

Join the computer that will become the federation server to a domain in the account partner forest or resource partner forest where it will be used to authenticate the users of that forest or from trusting forests.

noteNote
If you want to create a federation server in the account partner organization, the computer must first be joined to any domain in the forest where your federation server will be used to authenticate users from that forest or from trusting forests.

Procedure topic Join a computer to a domain

Checkbox

Create a new resource record in the corporate network DNS that points the DNS host name of the federation server to the IP address of the federation server.

Procedure topic Add a host (A) record to corporate DNS for a federation server

Checkbox

Install prerequisite applications such as ASP.NET, Internet Information Services (IIS) and Microsoft .NET Framework 2.0 on the computer that will become the federation server.

Procedure topic Install prerequisite applications

Checkbox

Secure IIS using a server authentication certificate, and configure ADFS with a token-signing certificate.

Checklist topic Checklist: Configuring certificates for a federation server

Checkbox

Install the Federation Service component on the computer that will become the federation server. Follow this procedure when you want either to create the first federation server in a new farm or to extend an existing farm.

noteNote
For the Federated Web Single Sign-On (SSO) and Federated Web SSO with Forest Trust scenarios, you must have at least one federation server in the account partner organization and at least one federation server in the resource partner organization.

Procedure topic Install the Federation Service component of ADFS

Checkbox

If this is the first federation server in your organization, configure the trust policy so that it conforms to your ADFS design.

Checklist topic Checklist: Configuring the account partner organization

Checklist topic Checklist: Configuring the resource partner organization

Checkbox

From a client computer, verify that the federation server is operational.

Procedure topic Verify that a federation server is operational

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft