Active Directory Federation Services Proxy snap-in

Applies To: Windows Server 2003 R2

The Active Directory Federation Services (ADFS) Proxy Microsoft Management Console (MMC) snap-in is installed when you install the Federation Service Proxy component in Add or Remove Programs in Windows Server 2003 R2, Enterprise Edition. You can use the ADFS Proxy snap-in to:

• Configure the Federation Service that this Federation Service Proxy is acting as a proxy for.

• Determine how to collect user credential information from browser clients and Web applications.

The settings in the ADFS Proxy snap-in are stored in the Web.config file in the Federation Service Proxy virtual directory.

Federation Service Proxy node

The Federation Service Proxy node in the snap-in's console tree hierarchy represents the current Federation Service Proxy settings. You control the local federation server proxy configuration through this node in the ADFS Proxy snap-in. The actual client authentication certificate with the private key is present in the local computer personal certificate store.

ADFS distinguishes between the local configuration for a federation server proxy and the trust policy configuration that is shared among all servers in the federation server farm. The local proxy configuration is stored in the Web.config file, and it includes the following items:

• The Federation Service Uniform Resource Locator (URL)

• The client authentication certificate to be used by the federation server proxy for Transport Layer Security and Secure Sockets Layer (TLS/SSL) communication with the Federation Service

• Microsoft ASP.NET Web pages