?
Solved

ADFS with two email domains.

Posted on 2016-09-22
2
Medium Priority
?
44 Views
Last Modified: 2016-10-11
Current setup: One AD domain with one ADFS server, and one ADFS proxy server. This ADFS setup is used for employees with an email domain of abc.com to access CRM. We would like to setup AD authentication for other employees in our company to access a different application, and their email domain is cde.com. The current ADFS server is setup with a certificate for the abc.com email domain.

My question is should I build an ADFS connection on the current server with cde.com, should I build an additional server and create an ADFS farm, or should I build an additional server but not in a farm (since the email domains are different)?

Thanks,
Bill
0
Comment
Question by:whbaxter
  • 2
2 Comments
 
LVL 44

Accepted Solution

by:
Adam Brown earned 2000 total points (awarded by participants)
ID: 41811491
If these users are in the same Domain/Forest, the Email domain doesn't really matter so much. The certificate you have is still valid, you would just need to make sure the trust relationship between the new application and the ADFS server uses the URL on the certificate. For the most part, that certificate is just used for encrypting the connection to ADFS's HTTPS portal, so it doesn't normally get used for the actual ADFS functions. You can use the same ADFS server for both applications and email domains without a problem, it's just a more complex setup that requires you to include rules to exclude users that don't have the proper alias from connecting to the application they aren't supposed to use.
0
 
LVL 44

Expert Comment

by:Adam Brown
ID: 41838086
no response
0

Featured Post

Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

I’m willing to make a bet that your organization stores sensitive data in your Windows File Servers; files and folders that you really don’t want making it into the wrong hands.
Seizing the Operation Master Roles in Windows Server 2016 in case of FSMO holder failure.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question