<div>
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.<br />
<br />
I have recommended this question be closed as follows:<br />
<br />
Accept: Mahesh (<a href="https:#a42498093" rel="ugc">https:#a42498093</a>)<br />
<br />
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.<br />
<br />
seth2740<br />
Experts-Exchange Cleanup Volunteer
</div>


No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Accept: Mahesh (https:#a42498093 [https:#a42498093])

If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

seth2740
Experts-Exchange Cleanup Volunteer

<div>
<div class="content wysiwyg-content">
HI, i am configuring an ADFS 4.0 server with an additional WAP Proxy Server to allow SSO with things such as facebook workplace and Egress Switch<br />
<br />
we have &nbsp;our primary domain which is company-A.com and a load of additional UPN suffixes which users can be configured with for &nbsp;example companyb.net, companyc.org and anycompany.com.<br />
<br />
the FQDN of the ADFS box will be <br />
<br />
ADFS.COMPANY-A.COM<br />
<br />
do we need to have a Multi-domain SAN certificate configured to allow external 3rd party applications such as office365, or facebook workspace to be able to authenticate users with usernames that contain one of the other UPN suffixes. or do we simply need a single domain certificate for adfs.company-a.com <br />
<br />
Regards<br />
<br />
<br />
Andy
</div>
</div>


HI, i am configuring an ADFS 4.0 server with an additional WAP Proxy Server to allow SSO with things such as facebook workplace and Egress Switch

we have  our primary domain which is company-A.com and a load of additional UPN suffixes which users can be configured with for  example companyb.net, companyc.org and anycompany.com.

the FQDN of the ADFS box will be 

ADFS.COMPANY-A.COM

do we need to have a Multi-domain SAN certificate configured to allow external 3rd party applications such as office365, or facebook workspace to be able to authenticate users with usernames that contain one of the other UPN suffixes. or do we simply need a single domain certificate for adfs.company-a.com 

Regards


Andy

Configuring ADFS with Multiple UPN Suffixes

Facebook is an online social networking service. After registering to use the site, users can create a user profile, add other users as "friends", exchange messages, post status updates and photos and receive notifications when others update their profiles. Additionally, users may join common-interest user groups, organized by workplace, school or college, or other characteristics, and categorize their friends into lists such as "People From Work" or "Close Friends". Notable features include a News Feed, Friends, a Wall, a Timeline, the Like button, Messages and an inbox, Notifications and Networks and groups.

Facebook

HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. HTTPS is widely used for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private.

SSL / HTTPS

Windows 10 is a personal computer operating system featuring the "universal application architecture" (UAP); apps can be designed to run across multiple devices with nearly identical code, including PCs, tablets, smartphones, embedded systems, Xbox One, Surface Hub and HoloLens. Windows 10 also includes a virtual desktop system, a window and desktop management feature called Task View, the Microsoft Edge web browser, support for fingerprint and face recognition login, voice-based search (Cortana), new security features for enterprise environments, and DirectX 12 and WDDM 2.0 to improve the operating system's graphics capabilities for games.

Windows 10

Microsoft Azure is a cloud computing platform and infrastructure for building, deploying and managing applications and services through datacenters. It provides both platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) services and supports many different programming languages, tools and frameworks, including both Microsoft-specific and third-party software and systems. Cloud Services is a PaaS environment and can be used to create scalable applications and services; there are specific software development kits (SDKs) provided by Microsoft for Python, Java, Node.js and .NET. Azure also has file and storage services, data management, analytics and DNS services.

Azure

Windows Server 2016 is the successor to Windows Server 2012 R2. Built upon the same core code as Windows 10, Windows Server 2016 brings enhancements in security, servicing, and connectivity. A particular focus on this release was hybrid-cloud scenarios, and has close ties to Azure and other Microsoft cloud initiatives. This does not detract from the many improvements that are available for on-premises-only deployments

Windows Server 2016 comes in Datacenter, Standard, and Essentials editions, and for servicing, has adopted windows 10's cumulative model. The new nano-server install is designed to be remotely managed and is designed to be kept current through continuous feature updates. The full GUI install operates similarly to windows 10's "Long Term Servicing Branch" (LTSB) model with cumulative security updates.

Windows Server 2016 has also shifted from a per-processor-and-CAL licensing model to a per-core-and CAL licensing model. This brings Windows Server's licensing more in line with Microsoft's other products and makes hybrid-cloud license planning easier as well.