Checklist: Implementing a Web SSO Design

Letzte Aktualisierung: Mai 2010

Betrifft: Active Directory Federation Services (AD FS) 2.0

This parent checklist includes cross-reference links to important concepts about the Web Single-Sign-On (SSO) design for Active Directory-Verbunddienste (AD FS) 2.0. It also contains links to subordinate checklists that will help you complete the tasks that are required to implement this design.

Complete the tasks in this checklist in order. When a reference link takes you to a conceptual topic or to a subordinate checklist, return to this topic after you review the conceptual topic or complete the tasks in the subordinate checklist so that you can proceed with the remaining tasks in this checklist.

Prüfliste Checklist: Implementing a Web SSO Design


  Task Reference

Review important concepts about the Web SSO design and determine which AD FS 2.0 deployment goals you can use to customize this design to meet the needs of your organization.


Konzeptionsthema Web SSO Design

Konzeptionsthema Identifying Your AD FS 2.0 Deployment Goals


Review the hardware, software, certificate, Domain Name System (DNS), attribute store, and client requirements for deploying AD FS 2.0 in your organization.

Konzeptionsthema Appendix A: Reviewing AD FS 2.0 Requirements


According to your design plan, install one or more Verbundservers in the corporate network or in the perimeter network.

The Web SSO design requires only one Verbundserver to function successfully. A single Verbundserver acts in both the claims provider role and the relying party role.

Prüflistenthema Checklist: Setting Up a Federation Server


(Optional) Determine whether or not your organization needs a Verbundserver proxy in the perimeter network.

Prüflistenthema Checklist: Setting Up a Federation Server Proxy


Depending on your Web SSO design plan and how you intend to use it, add the appropriate attribute store, relying party trusts, claims, and claim rules to the Federation Service.

Prüflistenthema Checklist: Configuring the Account Partner Organization


If you are an administrator in the resource partner organization, claims-enable your Web browser application, Web service application, or Microsoft® Office SharePoint® Server 2007 application using WIF and the WIF SDK.


Konzeptionsthema Windows Identity Foundation

Konzeptionsthema Windows Identity Foundation SDK