實作您 AD FS 設計計畫Implementing Your AD FS Design Plan

適用於:Windows Server 2016、Windows Server 2012 R2、Windows Server 2012Applies To: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

下列環境條件和需求的實作 Active Directory 同盟服務 (AD FS) 設計計畫的重點:The following environmental conditions and requirements are important factors in the implementation of your Active Directory Federation Services (AD FS) design plan:

  • 支援的合作夥伴:您通常是使用 AD FS 使用合作夥伴。Supported partners: You usually use AD FS to work with partner organizations. 若要建立的身分聯盟,判斷您想要形成的合作關係與的組織。To establish identity federation, determine the organizations with which you want to form a partnership. 基礎 AD FS 部署位於位置之後,使用協力廠商操作包括新增合作夥伴、 移除合作夥伴與更新合作夥伴資訊。After a baseline AD FS deployment is in place, operating with partners involves adding partners, deleting partners, and updating partner information. 變更合作關係可能的原因。Changes to partnerships may occur for a variety of reasons. 例如,如果對方發生重大變更其商務,您的組織變得較大的公司或組織聯盟的一部分或由其他公司取得您的組織 AD FS 部署可能需要合作關係更新。For example, your AD FS deployment might require partnership updates if your partner changes its business significantly, your organization becomes part of a larger organization or a federation of organizations, or your organization is acquired by a different company. 在任何案例中您聯合身分的多個網域中,您必須知道您要支援的網域 (partners) 和,表示可能合作夥伴所有其他網域。In any scenario in which you federate identities from multiple domains, you will need to know the domains (partners) that you are currently supporting and all the additional domains that represent potential partners.

  • 支援的應用程式與服務類型︰某些應用程式和服務需要存取作業系統資源,有些則是 「 宣告注意。 」Supported application and service types: Some applications and services require access to operating system resources, while others are "claims aware." 請務必以了解類型的應用程式和服務,AD FS 支援,讓您可以制訂管理的需求。It is important to understand the types of applications and services that AD FS supports so that you can formulate administration requirements.

  • 邏輯和實體架構圖片或部署拓撲:您會需要了解:Logical and physical architectural diagrams or deployment topology: You will need to know:

    • 是否聯盟伺服器會在一組陣列來說伺服器或單一伺服器上的功能。Whether federation servers will function in a set of farmed servers or on a single server.

    • 在您的網路部署防火牆與 proxy。Where your network deploys firewalls and proxies.

    • 資源與使用者是否存取資源組織,或兩個之外,在組織中的位置。The location of resources and whether users are accessing resources from within your organization, outside the organization, or both.

如何將您 AD FS 使用實作設計本指南How to implement your AD FS design using this guide

若要判斷必須執行每個部署工作順序是實作設計的下一步。The next step in implementing your design is to determine in what order each deployment task must be performed. 本指南使用檢查清單可協助您逐步不同伺服器和應用程式部署工作所需實作設計計劃。This guide uses checklists to help you walk through the various server and application deployment tasks that are required to implement your design plan. 家長以及子女的檢查清單可視代表必須處理設計在特定 AD FS 的工作順序。Parent and child checklists are used as necessary to represent the order in which tasks for a specific AD FS design must be processed.

在本區段中的節目表使用下列家長檢查清單熟悉部署工作實作慣用的 AD FS 設計您的組織:Use the following parent checklists in this section of the guide to become familiar with the deployment tasks for implementing your organization's preferred AD FS design: