Active Directory Federation Services (ADFS) is a software component developed by Microsoft that can be installed on Windows Server operating systems to provide users with single sign-on access to systems and applications located across organizational boundaries. ADFS uses a claims-based access control authorization model to maintain application security and implement federated identity.
Some of the Solutions Provided by Us
SSO into Mobile apps using ADFS as IdP
miniOrange provides a ready-made solution for Cordova applications that lets you log in to your Cordova application with ADFS. This is done by creating a token that is accepted by our server, which is then read and verified to access the information of the signed-in user.
Enable MFA on Windows ADFS server
MFA on a Windows ADFS server is supported through miniOrange. miniOrange is used as an identity broker between Dynamics CRM and ADFS. Multiple 2FA methods are supported when miniOrange is used as the identity broker.
Multiple ADFS Organizations
If you have multiple ADFS organizations, miniOrange lets you configure multiple IdPs, so that one set of users authenticates against one IdP and another set of users authenticates against another IdP, based on their email domains.
Login into WordPress using AD/ADFS
The miniOrange Windows Single Sign On Plugin allows users in a corporate Active Directory setup to log in to WordPress using their Windows credentials. Once a user is logged in to a domain-joined machine, there is no need to re-enter credentials to log in to WordPress.
Let us take an example to show you how to implement ADFS for miniOrange Windows Single Sign On.
Installing Active Directory
Login to Windows Azure VM
Open the Server Manager from the task bar.
From the Server Manager Dashboard, select Add roles and features. This launches the Roles and Features Wizard, which allows modifications to be made to the Windows Server 2012 instance.
Select Role-based or features-based installation from the Installation Type screen and click Next.
Note: Roles are the major feature sets of the server, such as IIS, and features provide additional functionality for a given role.
The current server is selected by default. Click Next to proceed to the Server Roles tab.
From the Server Roles page, place a check mark in the box next to Active Directory Domain Services. A notice will appear explaining that additional role services or features are also required to install Domain Services; click Add Features. Note: There are other options, including Certificate Services, Federation Services, Lightweight Directory Services and Rights Management. Domain Services is the glue that holds all of this together and needs to be installed before these other services.
Review and select optional features to install during the AD DS installation by placing a check in the box next to any desired features. Once done, click Next.
Review the information on the AD DS tab and click Next.
Review the installation and click Install. Note: The installation progress will be displayed on the screen. Once installed, the AD DS role will be displayed on the 'Server Manager' landing page.
Configuring Active Directory
Open the Server Manager from the task bar.
Open the Notifications Pane by selecting the Notifications icon at the top of the Server Manager. In the notification about configuring AD DS, click Promote this server to a domain controller.
From the Deployment Configuration tab, select Add a new forest from the radio button options. Enter your root domain name in the Root domain name field.
Review and select a Domain and Forest functional level. Once selected, fill in a DSRM password in the provided password fields. The DSRM password is used when booting the Domain Controller into recovery mode.
Review the warning on the DNS Options tab and select Next.
Confirm or enter a NetBIOS name and click Next.
Configure the location of the SYSVOL, Log files, and Database folders and click Next.
Review the configuration options and click Next.
The system will check that all necessary prerequisites are installed before moving forward. If the system passes these checks, proceed by clicking Install. Note: The server will automatically be rebooted once the installation completes.
Once the reboot is complete, Active Directory is set up and configured.
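The wizard steps above can also be run from an elevated PowerShell session. The following is an added example, not code from the original page or from miniOrange; the domain name, NetBIOS name and folder paths are placeholders, and the Win2012 functional level is an assumption based on the Windows Server 2012 instance mentioned above.

```powershell
# Added example: scripted equivalent of the AD DS installation and promotion steps.
# Run elevated on the server that will become the first domain controller.
$domainName  = 'corp.example.test'   # placeholder root domain name
$netbiosName = 'CORP'                # placeholder NetBIOS name

# Install the AD DS role and its management tools (the "Add roles and features" steps).
$feature = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
if (-not $feature.Success) { throw 'AD DS role installation failed.' }

Import-Module ADDSDeployment

# Prompt for the DSRM password so it is never stored in the script or shell history.
$dsrm = Read-Host -Prompt 'DSRM password' -AsSecureString

# Same choices the wizard asks for: forest, functional levels, NetBIOS name, folders.
$forest = @{
    DomainName                    = $domainName
    DomainNetbiosName             = $netbiosName
    DomainMode                    = 'Win2012'
    ForestMode                    = 'Win2012'
    InstallDns                    = $true
    DatabasePath                  = 'C:\Windows\NTDS'
    LogPath                       = 'C:\Windows\NTDS'
    SysvolPath                    = 'C:\Windows\SYSVOL'
    SafeModeAdministratorPassword = $dsrm
}

# Run the prerequisite checks first; this makes no changes to the server.
$check = Test-ADDSForestInstallation @forest
$check | Format-Table Status, Message -Wrap -AutoSize
if ($check.Status -contains 'Error') {
    throw 'Prerequisite check failed; the server was not promoted.'
}

# Promote the server. It reboots automatically when the installation completes.
Install-ADDSForest @forest -Force
```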
Set up ADFS
Start Server Manager and open the Add Roles and Features wizard. Select Active Directory Federation Services, then click Next.
We require only .NET 4.5 Features. Select these and click Next.
Clicking Next will then install the necessary components.
Installation is complete. You can launch the ADFS configuration wizard from here, or alternatively if this window is closed it can be launched from server manager.
In the ADFS Configuration Wizard, you are given the option to either create a new ADFS farm or add to an existing farm. Select the option to create a new ADFS farm.
Provide your Active Directory Domain admin credentials.
Select the SSL Certificate that you downloaded from the miniOrange Admin Console Policy Page and provide the Federation Service Display Name.
Select the database configuration.
Review the options and click Next.
The ADFS prerequisite checks are done, and we can proceed to the configuration.
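The same ADFS setup can be scripted, which also lets you validate the SSL certificate before the farm is created. This is an added example, not code from the original page or from miniOrange. It assumes Windows Server 2012 R2 or later (where Install-AdfsFarm is available), that the certificate is already imported into the LocalMachine\My store with its private key, and that its subject CN matches the federation service name; the service name and display name are placeholders.

```powershell
# Added example: scripted equivalent of the ADFS role installation and farm wizard.
# Run elevated on a domain-joined server after the domain controller is available.
$serviceName = 'sts.corp.example.test'   # placeholder federation service name
$displayName = 'Example Corp Sign-In'    # placeholder display name

# Install the ADFS role (the "Add Roles and Features" steps).
$feature = Install-WindowsFeature -Name ADFS-Federation -IncludeManagementTools
if (-not $feature.Success) { throw 'ADFS role installation failed.' }

Import-Module ADFS

# Pick the SSL certificate for the service name. Reject certificates that are
# expired or lack a private key, since the farm cannot serve TLS with them.
$cert = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object {
        $_.HasPrivateKey -and
        $_.NotAfter -gt (Get-Date) -and
        $_.Subject -like "*CN=$serviceName*"
    } |
    Sort-Object -Property NotAfter -Descending |
    Select-Object -First 1
if (-not $cert) { throw "No valid certificate with a private key found for $serviceName." }

# Prompt for credentials instead of embedding them in the script.
$svc   = Get-Credential -Message 'ADFS service account (DOMAIN\user)'
$admin = Get-Credential -Message 'Domain admin account for farm configuration'

$farm = @{
    CertificateThumbprint    = $cert.Thumbprint
    FederationServiceName    = $serviceName
    ServiceAccountCredential = $svc
    Credential               = $admin
}

# Run the prerequisite checks without changing anything.
$check = Test-AdfsFarmInstallation @farm
$check | Format-Table Status, Message -Wrap -AutoSize
if ($check.Status -contains 'Error') { throw 'ADFS prerequisite check failed.' }

# Create the new farm. Omitting -SQLConnectionString uses the
# Windows Internal Database as the configuration store.
Install-AdfsFarm @farm -FederationServiceDisplayName $displayName
```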