question

BrianModlin-9941 asked

Using ADFS with .local domain name

I currently have a domain with abc.local domain name. Everything is on-premise including a 2013 Exchange server. I am planning a deployment of cloud services for voice and would like to use ADFS to authenticate the cloud softphones.

If I add an additional UPN domain suffix of xyz.com to the existing domain, will ADFS allow me to use the newly created UPN suffix (user@xyz.com) to authenticate the users?

adfs

1 Answer

piaudonn answered

First of all, when you deploy your farm, make sure the farm has a public name, like abc.com. The domain part does not have to be your AD domain. And make sure that internal clients resolve the name of your farm, like sts.abc.com, to the private IP address of your ADFS server (or load balancer). Even if you do not need to make your ADFS farm available externally, you should use a public name. That way, a few months from now, when you need to authenticate remote users, it would just be a matter of deploying a WAP (ADFS proxy) and a public DNS record instead of having to redeploy everything.

Then, from a UPN perspective: from a pure ADFS/ADDS perspective you don't need to have a routable name. So a UPN in .local might do it. It will all depend on your cloud service's requirements. Often they want a routable identifier (either a UPN or an email address, so that we can trust that a client owns a namespace). For example, with Office 365, we need a routable UPN. So if that is the case for your cloud service, then yes, you can add a UPN suffix to your forest and change the UPN of your users to use abc.com (for example) instead of abc.local.

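The last step of the answer (add a routable UPN suffix to the forest, then move users onto it), as an added example that is not part of the original answer. It assumes the ActiveDirectory RSAT module and the abc.local / xyz.com names from the question; the function name `Move-UpnSuffix` and the `-SearchBase` pilot parameter are hypothetical.

```powershell
#Requires -Modules ActiveDirectory
# Added example, not from the original thread. Suffix names are taken from the question.

function Move-UpnSuffix {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [string]$OldSuffix = 'abc.local',   # current non-routable suffix
        [string]$NewSuffix = 'xyz.com',     # routable suffix the cloud service expects
        [string]$SearchBase                 # optional: limit to one OU for a pilot group
    )

    # 1. Register the routable suffix on the forest if it is not there yet.
    $forest = Get-ADForest
    if ($forest.UPNSuffixes -notcontains $NewSuffix) {
        Set-ADForest -Identity $forest -UPNSuffixes @{ Add = $NewSuffix }
    }

    # 2. Select only the accounts still using the old suffix.
    $query = @{ Filter = "UserPrincipalName -like '*@$OldSuffix'" }
    if ($SearchBase) { $query.SearchBase = $SearchBase }

    foreach ($user in Get-ADUser @query) {
        $prefix = ($user.UserPrincipalName -split '@')[0]
        $newUpn = '{0}@{1}' -f $prefix, $NewSuffix

        # 3. Skip if another account in this domain already holds the target UPN.
        #    Single quotes are doubled so the value is safe inside the filter string.
        $escaped = $newUpn -replace "'", "''"
        if (Get-ADUser -Filter "UserPrincipalName -eq '$escaped'") {
            Write-Warning "Skipping $($user.SamAccountName): $newUpn is already in use"
            continue
        }

        # 4. Change only the UPN; sAMAccountName and password are untouched.
        Set-ADUser -Identity $user -UserPrincipalName $newUpn
    }
}

# Preview every change first; rerun without -WhatIf to apply.
Move-UpnSuffix -WhatIf
```

Users who sign in with DOMAIN\username are unaffected by the change; only sign-ins that use the UPN form need the new suffix.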