Managing ADFS Components
Updated: September 13, 2007
Applies To: Windows Server 2003 R2
Active Directory Federation Services (ADFS) has three components:
Federation Service: Functions as a security token service and routes authentication requests from external user accounts in partner organizations and clients on the Internet.
Federation Service Proxy: Functions as a proxy for the Federation Service in a perimeter network. This component is optional in an ADFS deployment.
ADFS Web Agent: Provides authorization (consumes security tokens) and either allows or denies access to two types of Web applications, as follows:
Claims-aware applications: Makes authorization decisions based on claims.
Windows NT token-based applications: Uses Windows-based authorization mechanisms.
- Claims-aware applications: Makes authorization decisions based on claims.
The following objectives are part of managing ADFS components:
Managing the Federation Service
Managing the Federation Service Proxy (Optional)
Managing ADFS Web Agents and Applications
Backing Up ADFS Components
Other ResourcesUnderstanding ADFS Components