在 Windows Server 2012 R2 的 AD FS 設計指南AD FS Design Guide in Windows Server 2012 R2

適用於:Windows Server 2016、Windows Server 2012 R2Applies To: Windows Server 2016, Windows Server 2012 R2

Active Directory 同盟服務 (AD FS) 想要存取應用程式中廣告 FS\ 保護企業版聯盟合作夥伴,或在雲端中的使用者提供簡化的受保護的身分聯盟和 Web 單一 sign\ 上 (SSO) 功能。Active Directory Federation Services (AD FS) provides simplified, secured identity federation and Web single sign-on (SSO) capabilities for end users who want to access applications within an AD FS-secured enterprise, in federation partner organizations, or in the cloud.

在 Windows Server® 2012 R2,AD FS 包含做為身分提供者同盟服務角色服務 \(驗證使用者提供信任 AD FS\ 的應用程式的安全性權杖)或聯盟提供者 \(消耗權杖從其他身分提供者,並提供信任 AD FS\ 的應用程式的安全性權杖)。In Windows Server® 2012 R2, AD FS includes a federation service role service that acts as an identity provider (authenticates users to provide security tokens to applications that trust AD FS) or as a federation provider (consumes tokens from other identity providers and then provides security tokens to applications that trust AD FS).

提供應用程式和服務,在 Windows Server 2012 R2 AD FS 受到外部網路存取的功能現在稱為 Web 應用程式 Proxy 新遠端存取的角色服務執行。The function of providing extranet access to applications and services that are secured by AD FS in Windows Server 2012 R2 is now performed by a new Remote Access role service called Web Application Proxy. 這是從先前的 Windows Server 此功能由 AD FS 聯盟伺服器 proxy 版本不同的。This is a departure from the prior versions of Windows Server in which this function was handled by an AD FS federation server proxy. Web 應用程式 Proxy 是設計用來提供廣告 FS\ 相關外部案例和其他外部案例存取伺服器角色。Web Application Proxy is a server role designed to provide access for the AD FS-related extranet scenario and other extranet scenarios. 適用於 Web 應用程式 Proxy 詳細資訊,請查看Web 應用程式 Proxy 逐步解說指南For more information on Web Application Proxy, see Web Application Proxy Walkthrough Guide.

有關本指南About this guide

本指南提供建議以協助您計畫新部署的 AD FS,根據您的組織的需求。This guide provides recommendations to help you plan a new deployment of AD FS, based on the requirements of your organization. 本指南被針對使用的基礎結構專員或系統架構。This guide is intended for use by an infrastructure specialist or system architect. 它會反白顯示您的主要決策點為您計劃 AD FS 部署。It highlights your main decision points as you plan your AD FS deployment. 本指南朗讀時之前,您應該會有深入了解 AD FS 上功能的層級的運作方式。Before you read this guide, you should have a good understanding of how AD FS works on a functional level. 如需詳細資訊,請查看了解主要 AD FS 概念For more information, see Understanding Key AD FS Concepts.

本指南In this guide

也了See Also

AD FS 設計AD FS Design