?
Solved

Active Directory Federation Services

Posted on 2011-03-04
6
Medium Priority
?
663 Views
Last Modified: 2012-06-21
We are considering utilizing active directory federation services as a solution to make one of our application single sign on.  The question that wa sposed to me is can we exclude certin groups of account or OU's from being single sign on?
0
Comment
Question by:georgedschneider
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 2

Expert Comment

by:mfulksCBT
ID: 35039701
If you search for Active Directory Federation Services Excluding Internal User Accounts there is a topic in the course on ADFS. Not sure if it does exactly what you need.

http://www.microsoft.com/learning/en/us/course.aspx?ID=50403A&Locale=en-us#tab2
0
 

Author Comment

by:georgedschneider
ID: 35056808
This appears to be for rights management not ADFS.  What I'm basically looking of ris I want to turn it on for an application for a group of users or exlcude for a group of users for example.
0
 

Author Comment

by:georgedschneider
ID: 35071344
We want to use it internal to allow users to use their ad information to authenticate to a web based application.  However we do not want this to be for every person in the doamin.  Is there a way to exclude specific users or groups of users from this?
0
Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

 
LVL 2

Accepted Solution

by:
mfulksCBT earned 2000 total points
ID: 35071506
You would create a group-claim on the ADFS server.  This document describes setting up ADFS with SharePoint.

http://technet.microsoft.com/en-us/library/cc262696%28office.12%29.aspx
0
 

Author Comment

by:georgedschneider
ID: 35071753
This would allow only the users in this group to use SSO to the web application using the AD credentials and not apply for the rest of the users in the Domain if I'm understanding you correctly.
0
 
LVL 2

Expert Comment

by:mfulksCBT
ID: 35072049
Yes.
0

Featured Post

Want to be a Web Developer? Get Certified Today!

Enroll in the Certified Web Development Professional course package to learn HTML, Javascript, and PHP. Build a solid foundation to work toward your dream job!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question