If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.
Solved
Active Directory Federation Services
Posted on 2011-03-04
We are considering utilizing active directory federation services as a solution to make one of our application single sign on. The question that wa sposed to me is can we exclude certin groups of account or OU's from being single sign on?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
3
-
3
6 Comments
If you search for Active Directory Federation Services Excluding Internal User Accounts there is a topic in the course on ADFS. Not sure if it does exactly what you need.
http://www.microsoft.com/learning/en/us/course.aspx?ID=50403A&Locale=en-us#tab2
http://www.microsoft.com/learning/en/us/course.aspx?ID=50403A&Locale=en-us#tab2
Active today
This appears to be for rights management not ADFS. What I'm basically looking of ris I want to turn it on for an application for a group of users or exlcude for a group of users for example.
Active today
We want to use it internal to allow users to use their ad information to authenticate to a web based application. However we do not want this to be for every person in the doamin. Is there a way to exclude specific users or groups of users from this?
You would create a group-claim on the ADFS server. This document describes setting up ADFS with SharePoint.
http://technet.microsoft.com/en-us/library/cc262696%28office.12%29.aspx
http://technet.microsoft.com/en-us/library/cc262696%28office.12%29.aspx
Active today
This would allow only the users in this group to use SSO to the web application using the AD credentials and not apply for the rest of the users in the Domain if I'm understanding you correctly.
Featured Post
Managing Active Directory does not always have to be complicated. If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately.
This Article and the Links apply to…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility.
Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller.
Log onto the new domain controller with a user account t…
Suggested Courses
Course of the Month11 days, 13 hours left to enroll
636 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.