Applies To: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012
An important part of designing a new Active Directory Federation Services (AD FS) infrastructure in the resource partner organization is determining your full set of applications and services that will be used to participate in the federation and which account partners will be the recipients of those resources. Before you design a federated application and services strategy, consider the following questions:
Will you be enabling and deploying an ASP.NET application or a Windows Communication Foundation (WCF) service for federation?
Will users on your corporate network require access to the federated application or service through Windows Integrated Authentication?
Will the federated application or service be used by users in your perimeter network? If so, will Windows Integrated Authentication be required?
Are all of the Web servers that host federated applications running a Windows Server operating system and Internet Information Services (IIS)?
Who will the federated application or service provide resources for?
Answering these questions will help you plan a solid AD FS design. It will also assist you in creating a federated application and services strategy that is cost effective and resource efficient. For more information about designing the most appropriate federated application and services strategy for your organization, see the following topics in this guide:
For more information about how to create a claims-aware ASP.NET application or WCF service, see Windows Identity Foundation SDK.