Press "Enter" to skip to content

ADFS: Installation and Configuration

0

Intro

In this article, I propose to discover the AD FS and Proxy (WAF) roles. As part of the preparation for the 70-742 certification, I embarked on the mock-up of an infra.

What’s this ?

ADFS and the proxy that accompanies it can put several things in place:

  • An SSO system (for compatible applications) that allows single sign-on
  • Security by managing authentication before application
  • Cross-domain trust through ADFS proxy communication (different from domain trust within the active directory).

Prerequisites

For the realization of this tutorial here are the machines used:

  • LAB-AD1 : AD / DHCP / DNS / IIS
  • LAB-ADFS : ADFS
  • LAB-ADFS-PROXY : Proxy WAF(normally to be placed in DMZ)
  • A client
  • Generate a certificate for HTTPS binding with ADFS services (fs.lab.intra) and install it on the ADFS server in the personal store.
  • Generate a certificate for the HTTPS link for the test site (* .lab.intra) and install it on the IIS server in the personal store.

I used the AD1 server to have a test web page. On the client to run the federation url must point to the proxy.



Related Posts


Sophos XG: secure emails
Introduction In this tutorial, we will see how to secure emails with a Sophos XG firewall. The firewall offers two modes of operation for filtering emails: MTA : the firewall will act as an SMTP relay Legacy : it will be placed in transparent mode, w

Network share: enable enumeration based on access EBA
Introduction The access-based enumeration allows to display in a network share, only folders and files whose use has at least a right of reading. Other documents and folders will be hidden. Enabling this feature will increase the CPU resource consump

Sophos XG: installation on Hyper-V
In this tutorial, we will have how to install a Sophos XG firewall on a virtual machine with Hyper-V. For this article, I used the Sophos XG home version which is available for free. Prerequisites Download the ISO firewall on the site sophos and reco

Leave a Reply

Your email address will not be published. Required fields are marked *

It looks like you're using an adblocker.
We use ads to keep our content free. Please support us by turning off your adblocker.