Planning AD FS-Enabled Web Server Placement
Applies To: Windows Server 2008
An Active Directory Federation Services (AD FS)–enabled Web server relies on AD FS Web Agents to check if incoming requests need to be authenticated, and if so, the server directs the requests to a resource federation server to perform the actual authentication. The AD FS Web Agents also parse the tokens and cookies that are issued by the federation server to determine if access to the given application should be granted.
You must place at least one AD FS-enabled Web server in the resource partner organization. See the following topics for details about determining when and where to create and place an AD FS-enabled Web server:
Note
Although this information may help with your placement planning for AD FS-enabled Web servers, it does not explain how to determine the proper number of AD FS-enabled Web servers or the server hardware requirements for each AD FS design.
For examples of where AD FS-enabled Web servers can be placed in any of the three primary AD FS design scenarios, see Mapping Your Deployment Goals to an AD FS Design.