Link to home
Start Free TrialLog in
Avatar of georgedschneider
georgedschneiderFlag for United States of America

asked on

Active Directory Federation Services

We are considering utilizing active directory federation services as a solution to make one of our application single sign on.  The question that wa sposed to me is can we exclude certin groups of account or OU's from being single sign on?
Avatar of mfulksCBT
mfulksCBT

If you search for Active Directory Federation Services Excluding Internal User Accounts there is a topic in the course on ADFS. Not sure if it does exactly what you need.

http://www.microsoft.com/learning/en/us/course.aspx?ID=50403A&Locale=en-us#tab2
Avatar of georgedschneider

ASKER

This appears to be for rights management not ADFS.  What I'm basically looking of ris I want to turn it on for an application for a group of users or exlcude for a group of users for example.
We want to use it internal to allow users to use their ad information to authenticate to a web based application.  However we do not want this to be for every person in the doamin.  Is there a way to exclude specific users or groups of users from this?
ASKER CERTIFIED SOLUTION
Avatar of mfulksCBT
mfulksCBT

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
This would allow only the users in this group to use SSO to the web application using the AD credentials and not apply for the rest of the users in the Domain if I'm understanding you correctly.
Yes.