Here is my scenario:
Users and workstations at site X authenticate to an AD under, let's say, Domain-X.
The servers are hosted at a remote data centre, which has a domain named Domain-Y.
Now, the users need to access the web portals under Domain-Y. In this case, should I deploy an ADFS in the data centre perimeter network to handle the authentication requests? I've read up a bit on ADFS and it seems that it is not trivial to set this up.
In actual fact, the users, workstations and servers all belong to the same organization, and I want to keep things simple. I thought of setting up a one-way trust from the server domain (Domain-Y) to the site X domain (Domain-Y). But in doing so, do I still need an ADFS?
Lastly, does the AD at Domain-Y need a connection to the AD at Domain-X to retrieve the user account info?
All help is much appreciated. Thanks in advance.
If Domain-X and Domain-Y are part of the same AD Forest, then you already have the trust set up. With a trust, both Domain-X and Domain-Y need to be able to talk to each other.
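
One way to check both points in the answer above, as an added example that is not part of the original thread: it reports whether the two domains share a forest, lists the trusts defined on the server domain, and tests whether a Domain-X domain controller is reachable from the data centre. The DNS names `domain-x.example` and `domain-y.example` are placeholders, the port list is a commonly used subset rather than an exhaustive one, and the account running it is assumed to be able to query both domains.

```powershell
# Added example. Requires the ActiveDirectory module (RSAT).
# Domain names below are placeholders, not values from the thread.
Import-Module ActiveDirectory

$userDomain     = 'domain-x.example'   # stands in for Domain-X (users, workstations)
$resourceDomain = 'domain-y.example'   # stands in for Domain-Y (servers, web portals)

# 1. Same forest? If both domains report the same forest root,
#    the trust between them already exists.
$forestX = (Get-ADDomain -Server $userDomain).Forest
$forestY = (Get-ADDomain -Server $resourceDomain).Forest

if ($forestX -eq $forestY) {
    Write-Output "Both domains are in forest '$forestX': the trust is already in place."
} else {
    Write-Output "Different forests ('$forestX' and '$forestY'): an explicit trust is needed."
}

# 2. Trusts as seen from the server domain, with direction and
#    whether selective authentication restricts who may log on.
Get-ADTrust -Filter * -Server $resourceDomain |
    Select-Object Name, Direction, IntraForest, ForestTransitive, SelectiveAuthentication |
    Format-Table -AutoSize

# 3. Run from a host in the data centre: can it reach a Domain-X
#    domain controller on the ports a trust commonly relies on?
$dc = @((Get-ADDomainController -Discover -DomainName $userDomain).HostName)[0]

$ports = [ordered]@{
    53  = 'DNS'
    88  = 'Kerberos'
    135 = 'RPC endpoint mapper'
    389 = 'LDAP'
    445 = 'SMB'
}

foreach ($port in $ports.Keys) {
    $result = Test-NetConnection -ComputerName $dc -Port $port -WarningAction SilentlyContinue
    [pscustomobject]@{
        Target    = $dc
        Port      = $port
        Service   = $ports[$port]
        Reachable = $result.TcpTestSucceeded
    }
}
```

A `False` in the `Reachable` column points at a firewall rule between the two sites to review before looking at ADFS or trust settings.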