PKI Blog

Azure Active Directory, ADFS 3.0 and OWIN

Posted by Jake Chang on May 12, 2014 9:56:15 AM

With Windows AAD (Azure Active Directory), ADFS 3.0 (Active Directory Federation Service), and OWIN (Open Web Interface for .NET), you will find your corporate individual core identity, making connections between your corporation and the whole world for unlimited opportunities.

Read More

Topics: Federation, Active Directory Federation Service, IT Security, Microsoft Security Partner, AD FS, ADFS 3.0, OWIN Open Web Interface for .NET, Azure Active Directory, Identity Management, OWIN, Open Web Interface for .NET, ADFS, Blog, ADD, Azure

Federated Identity Access to Windows Azure Service Bus

Posted by Jake Chang on Nov 13, 2013 4:42:02 AM

Identity Federation is all about trusts. As the diagram shows below, all participants within such identity federation form a cycle of trusts. One can easily extend federated authentication for Windows Azure Service Bus to external user communities with social identity, Windows Azure Active Directory (WAAD) tenant’s cloud identity, or business partner’s identity. It also supports federation protocols such as SAML-P, WS-Fed and OpenID.

Read More

Topics: Federation, Windows Azure Active Directory, SWT token, Cloud, IT Security, Microsoft Security Partner, Identity Federation, security token service (STS), SAML token, Access Control Service, Windows Azure Service Bus, Windows Azure Active Directory (WAAD), identity, Blog, Microsot Azure, Azure, Active Directory, AD, Windows Azure, OpenID, WAAD, SAML-P

Migrating Relying Party Trusts

Posted by Sarah Duncan on Jul 9, 2013 5:29:48 AM

There are times when you might find yourself needing to migrate a relying party (RP) from one AD FS implementation to another. Unfortunately, at the moment there do not seem to be existing tools to do this. So, we offer the following rather quick and dirty approach. There might be better ways, but this gets the job done.

Read More

Topics: Federation, Microsoft Active Directory AD, Active Directory Federation Services, AD FS, Migration, Blog, PowerShell script, Active Directory, Relying Party trusts, PowerShell

AD FS 2.0 Rollup 2 and Customized Pages

Posted by Sarah Duncan on Mar 27, 2013 10:46:56 AM

Update Rollup 2 for Active Directory Federation Services (AD FS) 2.0, which was released last year, addresses five issues:

Read More

Topics: SAML, Federation, Microsoft Active Directory AD, Active Directory Federation Services, IT Security, Microsoft Security Partner, Microsoft Active Directory Federated Services, AD FS, Microsoft Active Directory, SAML 2.0, Blog

“Thinking Different” Making Apps SAML 2.0 Federation-Capable

Posted by CSS Technical Team on Mar 20, 2013 4:54:00 AM

When implementing a federation solution, or replacing an existing legacy solution, let’s consider how “thinking about the problem differently” can improve things.

Read More

Topics: SAML, Federation, Active Directory Federation Services, Application Publishing, Federation Capable, IT Security, Microsoft Security Partner, Applications, AD FS, SAML 2.0, Blog, Active Directory, Apps

Creating a Self-Signed SSL Certificate using PowerShell

Posted by Sarah Duncan on Mar 11, 2013 7:03:08 AM

There are many ways to create self-signed certificates; some require additional tools that are not typically available on a Windows server or use cryptic commands. This PowerShell script offers an easy way to create SSL certificates without requiring anything that isn't typically installed on a Windows server.

Read More

Topics: Federation, Public Key Infrastructure, Blog

Claims-based Authentication and Authorization with ADFS 2.0 and SharePoint 2010

Posted by Jake Chang on Jan 21, 2013 9:02:07 AM

A lot of technical notes and web articles talk about different aspects for claims-based federation between ADFS 2.0 and SharePoint 2010. In this blog, we will primarily focus on claims mapping, setting for authentication and authorization process.

Read More

Topics: Federation, Microsoft ADFS, Active Directory Federation Services, IT Security, Microsoft Security Partner, authentication, ADFS 2.0, SharePoint, Claims-based authentication, Microsoft AD, ADFS, SharePoint 2010, Blog, Microsoft SharePoint, Microsoft SharePoint 2010, Active Directory, PowerShell

A PowerShell script to find AD FS 2.0 errors

Posted by CSS Technical Team on Nov 2, 2011 10:18:58 AM

So one of your users has received an error from AD FS 2.0, and you need to determine what the problem is. Unfortunately, sometimes the error message doesn't give much of a clue—for example the web page shown below.

Read More

Topics: Federation, Microsoft Active Directory AD, IT Security, Microsoft Security Partner, FS, AD FS, Microsoft AD, AD FS server, AD FS 2.0, Blog, PowerShell script, Active Directory, PowerShell, AD

AD FS 2.0 and One-Way Cross-Forest Trusts

Posted by Sarah Duncan on Sep 6, 2011 5:39:40 AM

So you want to make some of your applications available using federation but you have multiple forests. What can you do? Well, if you have two-way trusts between your forests, you’re in luck, because AD FS works very well if you have two-way trusts between the forests. But what if you have only a one-way trust between forests? Then what?

For this scenario, we will assume that you want to provide SSO to multiple applications for users from two different forests. The applications may reside in one or the other of the forests or may be cloud-based (and thus in neither forest).

Read More

Topics: Federation, IT Security, Microsoft Security Partner, ADFS, AD FS 2.0, Blog

Posts by Topic

see all

Want to Learn more about CSS?