How To Set Up Ad Link

In this mail I will be installing and configuring the Active Directory Federation Services [Ad FS] server office. AD FS is able to provide Single-Sign-On [SSO] capabilities to multiple spider web awarding using a single Active Directory account.

vBoring Web log Series:

1. How to setup Microsoft Active Directory Federation Services [AD FS]
2. How to setup Microsoft Web Awarding Proxy

Install the AD FS Server Role:

Open Server Manager and click Manage -> Add together Roles and Features:

Click Next:

Role-based or characteristic-based installation should be selected so click Next:

Select the server you desire to install this office and then click Next:

Note: Web Awarding Proxy role and AD FS cannot be installed on the aforementioned figurer.

Select Agile Directory Federation Services so click Next:

No additional Features are needed. Click Next:

Click Adjacent:

The Advertizement FS role does not required a reboot. Click Install:

Once complete click Close:

Post-Deployment Configuration:

Back on Server Manager under Notifications click the message Configure the federation service on this server:

Since this is our start Advertising FS server select the first option then click Next:

Ensure the account you lot are logged into has Active Directory Domain Admin permissions. If not and so click Change. Click Next to keep:

SSL Certificate: On the drop down card you lot will see the certificates installed on the server. You can employ the default cocky signed or utilize one you lot create. Ensure you have it in .PFX format.

Federation Service Name: Requite your Advert FS a FQDN name.

Federation Service Display Proper name: Enter a display name

Click Side by side to proceed:

Note about Federation Service Name: If you are installing Advertisement FS on a Domain Controller or desire to apply a different FQDN for AD FS than the server yous will need to ensure the proper name you enter has a DNS Record created.

Since this is my home lab I am putting AD FS on my Domain Controller and needed to create a DNS entry.

Note near SSL Certificate: If you lot imported a document you lot volition see it added to your Personal Certificates.

On the Specify Service Account tab you may go the following message:

If you want the Wizard to create a Service Account for you lot then proceed to the PowerShell window beneath. If y'all want to create a Service Account manually you lot can add it by selecting the second choice.

PowerShell Commands:

Get-Help Add-KdsRootKey – Read about the command

Add-KdsRootKey -EffectiveImmediately – Generate root key

Enter the Service Account yous want to utilise and click Next:

Annotation: Ensure this user account is added to the local administrators group of your Advertizement FS server. Information technology is required to setup Microsoft Web Application Proxy.

You accept the option of using a Windows Internal Database (WID) or SQL Server. If you take a modest environment/lab and then use WID. If you accept a big environs use a SQL database. Click Adjacent:

Note: WID is a limited version of SQL Express that doesn't have a GUI or management interface. The WID database is a file (SUSDB.dbf) stored in C:\Windows\wid\data\

For additional information most using a SQL Server database click here.

Click Next:

If everything checks out click Configure:

Once consummate click Shut:

Advertizement FS is now installed and is ready for testing!

How to ensure AD FS is working:

Open a web browser and go to the URL below and click Sign In:

< stiff > https : //ADFS_FQDN/adfs/ls/idpinitiatedSignOn.aspx < / strong >

Yous should become a login box, enter your domain credentials, in one case logged in you lot should show the below screen:

You are now ready to utilise Advert FS in your environment!

How To Set Up Ad Link,

Source: https://www.virtuallyboring.com/how-to-setup-microsoft-active-directory-federation-services-adfs/

Posted by: blakeponver.blogspot.com

Share this post