Windows Server 2012 中的 AD FS 設計指南AD FS Design Guide in Windows Server 2012

適用於:Windows Server 2012Applies To: Windows Server 2012


了解如何在 Windows Server 2012 R2 AD FS 的部署的資訊,請查看Windows Server 2012 R2 AD FS 部署指南For information about how to deploy AD FS in Windows Server 2012 R2 , see Windows Server 2012 R2 AD FS Deployment Guide.

您可以使用 Windows Server® 2012 年作業系統同盟服務提供者的角色 Active Directory()同盟服務 (AD FS) 順暢地進行驗證使用者任何 Web\ 為基礎的服務或位於資源合作夥伴組織,而不需要系統管理員建立,或維持外部信任或網路的兩個組織,而不需要的使用者來登入第二次之間的樹系信任的應用程式。You can use Active Directory® Federation Services (AD FS) with the Windows Server® 2012 operating system in a federation services provider role to seamlessly authenticate your users to any Web-based services or applications that reside in a resource partner organization, without the need for administrators to create or maintain external trusts or forest trusts between the networks of both organizations and without the need for the users to log on a second time. 網路存取的其他網路資源時進行驗證的程序,重複登入動作使用者的負擔 — 稱為單一 sign\ 上 (SSO)。The process of authenticating to one network while accessing resources in another network—without the burden of repeated logon actions by users—is known as single sign-on (SSO).

有關本指南About this guide

本指南建議,可協助您計畫 AD FS,根據您的組織需求部署新 \(也稱為為部署 goals\ 本指南)和您想要建立特定的設計。This guide provides recommendations to help you plan a new deployment of AD FS, based on the requirements of your organization (also referred to in this guide as deployment goals) and the particular design that you want to create. 本指南被針對使用的基礎結構專員或系統架構。This guide is intended for use by an infrastructure specialist or system architect. 它會反白顯示您的主要決策點為您計劃 AD FS 部署。It highlights your main decision points as you plan your AD FS deployment. 本指南朗讀時之前,您應該會有深入了解 AD FS 上功能的層級的運作方式。Before you read this guide, you should have a good understanding of how AD FS works on a functional level. 您也應該有您 AD FS 設計深入了解會反映出剛剛組織需求。You should also have a good understanding of the organizational requirements that will be reflected in your AD FS design.

本指南告訴您的部署目標三個主要 AD FS 設計為基礎的設定,可協助您判斷最適合用於您的環境設計。This guide describes a set of deployment goals that are based on three primary AD FS designs, and it helps you decide the most appropriate design for your environment. 您可以使用下列的完整 AD FS 設計或符合您的環境需求自訂設計的其中一個表單這些部署目標:You can use these deployment goals to form one of the following comprehensive AD FS designs or a custom design that meets the needs of your environment:

  • 聯盟的網路 SSO business\ to\ 商務 (B2B) 案例的支援,並支援與獨立樹系的業務單位之間共同作業Federated Web SSO to support business-to-business (B2B) scenarios and to support collaboration between business units with independent forests

  • Web SSO business\ to\ 消費者 (B2C) 案例中支援客戶存取應用程式Web SSO to support customer access to applications in business-to-consumer (B2C) scenarios

針對每個設計,您將會收集關於您的環境所需的資料尋找指導方針。For each design, you will find guidelines for gathering the required data about your environment. 您再可以使用下列指導方針操作計劃及設計 AD FS 部署。You can then use these guidelines to plan and design your AD FS deployment. 朗讀本指南後,當您完成收集、文件,以及對應您組織的需求,您將會有開始部署 AD FS 使用中的指導所需的資訊Windows Server 2012 AD FS 部署指南After you read this guide and finish gathering, documenting, and mapping your organization's requirements, you will have the information necessary to begin deploying AD FS using the guidance in the Windows Server 2012 AD FS Deployment Guide.

本指南In this guide