When your deployment goal is to provide single-sign-on (SSO) access for customer accounts to hosted applications that are secured by Active Directory Federation Services (AD FS):

To set up this environment, you perform administrative tasks for installing a federation server, configuring the Federation Service, and installing an AD FS-enabled Web server. The following table provides links to the checklists that you need to follow to install the first federation server in your organization, configure the Federation Service, and configure an AD FS-enabled Web server for SSO access.

Preparing and configuring a federation server and AD FS-enabled Web server for SSO access

  Step Reference
Check box

Read about each of the servers and requirements necessary to implement a Web SSO environment in your organization.

Checklist: Implementing a Web SSO Design

Check box

Configure the federation server to work with Domain Name System (DNS), install and configure certificates, and verify that the server is functional.

Checklist: Installing a federation server

Check box

Configure the AD FS-enabled Web server to work with DNS, install certificates and the appropriate AD FS Web Agent, and verify that the server is functional.

After you complete the tasks in this checklist, you can set up the AD FS-enabled Web server to host claims-aware applications or Windows NT token–based applications.

Checklist: Installing an AD FS-enabled Web server

Check box

Depending on your organizational needs, install a claims-aware application on the AD FS-enabled Web server and verify that it is operational.

Checklist: Installing a claims-aware application

Check box

Depending on your organizational needs, install a Windows NT token–based application on the AD FS-enabled Web server and verify that it is operational.

Checklist: Installing a Windows NT token–based application