ADFS Part 1
This identity model allows users in one organization to access resources in another without re-authenticating
What is identity federation?
In a single organization, AD FS enables SSO by trusting this internal identity provider.
What is Active Directory Domain Services (AD DS)?
This AD FS component issues security tokens containing claims about authenticated users.
What is the Security Token Service (STS)?
This planning activity estimates the number of authentication requests and helps determine server sizing.
What is capacity planning?
This AD FS component defines how incoming claims are processed and transformed before being issued.
What are claims rules?
This type of identity represents a user through a set of attributes like name, email, or role.
What is claims-based identity?
This AD FS component transforms incoming claims into outgoing claims for relying parties.
What is the claims rule engine?
AD FS requires this type of certificate to sign tokens and establish trust with relying parties.
What is a token-signing certificate?
This Azure service can be used to host AD FS and provide scalable, cloud-based federation.
What is Azure Virtual Machines?
This trust relationship in AD FS identifies the identity provider that authenticates users.
What is a claims provider trust?
This authentication method relies on tokens containing user attributes rather than usernames and passwords.
What is claims-based authentication?
n a business-to-business federation, AD FS establishes trust between organizations using this type of relationship.
What is a federation trust?
This AD FS component handles authentication requests from users and redirects them to the appropriate identity provider.
What is the Federation Service Proxy?
This AD FS requirement ensures that all servers in the farm share configuration data.
What is a Windows Internal Database or SQL Server?
This trust relationship in AD FS defines the application or service that consumes issued claims.
What is a relying party trust?
This Windows Server role enables secure identity federation and supports claims-based authentication.
What is Active Directory Federation Services (AD FS)?
AD FS enables SSO across organizations by issuing this type of token to the relying party.
What is a SAML token?
This certificate type is required to secure communications between AD FS servers and clients.
What is an SSL/TLS certificate?
When deploying AD FS in Azure, this security measure helps protect the federation service from internet-based threats.
What is placing AD FS behind an Azure Application Gateway or firewall?
In a federation scenario, this organization authenticates users and sends claims to the resource partner.
What is the account partner?
AD FS uses this protocol to issue security tokens containing claims about a user.
What is WS-Federation?
This AD FS feature allows users to access multiple applications without signing in again, even across organizational boundaries.
What is Single Sign-On (SSO)?
To ensure high availability, AD FS should be deployed with multiple servers behind this network component.
What is a load balancer?
These are statements about a user—such as name, email, or group membership—used in AD FS tokens.
What are claims?
In a federation scenario, this organization hosts the application or service that consumes the claims.
What is the resource partner?