Review the Role of the Federation Server in the Account Partner Organization

Applies To: Windows Server 2008

A federation server in the account partner is used to log on local user accounts that reside in either an Active Directory Domain Services (AD DS) store or an Active Directory Lightweight Directory Services (AD LDS) store. It also issues the initial security tokens that those local user accounts use to access Web-based applications hosted in the resource partner. In addition, a federation server in the account partner issues cookies to users to maintain their logon status. These cookies include claims for those users. The cookies enable single-sign-on (SSO) capabilities, so that users do not have to enter credentials each time they visit a different Web-based application in the resource partner.


To create a federation server from a computer in the account partner organization, you must first join the computer to a domain in the forest whose users the federation server will authenticate. Any domain in that forest can be used.