We are considering utilizing active directory federation services as a solution to make one of our application single sign on. The question that wa sposed to me is can we exclude certin groups of account or OU's from being single sign on?
Windows Server 2008
Last Comment
mfulksCBT
8/22/2022 - Mon
mfulksCBT
If you search for Active Directory Federation Services Excluding Internal User Accounts there is a topic in the course on ADFS. Not sure if it does exactly what you need.
This appears to be for rights management not ADFS. What I'm basically looking of ris I want to turn it on for an application for a group of users or exlcude for a group of users for example.
georgedschneider
ASKER
We want to use it internal to allow users to use their ad information to authenticate to a web based application. However we do not want this to be for every person in the doamin. Is there a way to exclude specific users or groups of users from this?
This would allow only the users in this group to use SSO to the web application using the AD credentials and not apply for the rest of the users in the Domain if I'm understanding you correctly.
http://www.microsoft.com/learning/en/us/course.aspx?ID=50403A&Locale=en-us#tab2