聯盟伺服器的名稱解析需求Name Resolution Requirements for Federation Servers

適用於:Windows Server 2016、Windows Server 2012 R2、Windows Server 2012Applies To: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

當 client 公司網路上的電腦嘗試存取應用程式或 Web 服務所保護的 Active Directory 同盟服務 (AD FS) 時,他們就必須先驗證聯盟伺服器。When client computers on the corporate network attempt to access an application or Web service that is protected by Active Directory Federation Services (AD FS), they must first authenticate to a federation server. 已經透過 Windows 整合式驗證存取伺服器本機聯盟公司網路戶端是一種方式驗證。One way to authenticate is to have the corporate network clients access a local federation server through Windows Integrated Authentication.

設定公司 DNSConfigure corporate DNS

可能是透過 Windows 整合式驗證聯盟本機伺服器成功名稱解析度,必須設定網域名稱系統 (DNS) account 合作夥伴公司網路中的新主機 (A) 資源將會聯盟 server 的完整的網域名稱 (FQDN) 主機名稱解析聯盟叢集伺服器的 IP 位址。So that successful name resolution through Windows Integrated Authentication on local federation servers can occur, Domain Name System (DNS) in the corporate network of the account partner must be configured for a new host (A) resource record that will resolve the fully qualified domain name (FQDN) host name of the federation server to the IP address of the federation server cluster.

下圖,您可以看到這項工作特定案例的方式來完成。In the following illustration, you can see how this task is accomplished for a given scenario. 在本案例中,Microsoft 網路負載平衡 (NLB) 提供的單一叢集 FQDN 名稱和單一叢集 IP 位址的現有聯盟伺服器發電廠。In this scenario, Microsoft Network Load Balancing (NLB) provides a single cluster FQDN name and a single cluster IP address for an existing federation server farm.

名稱需求

了解如何設定叢集 IP 位址或叢集 FQDN 使用 NLB 資訊,請查看指定叢集參數For information about how to configure a cluster IP address or cluster FQDN using NLB, see Specifying the Cluster Parameters.

了解如何設定公司 DNS 聯盟伺服器的資訊,請查看新增主機和 #40;A 與 #41;企業的 DNS 伺服器聯盟資源記錄For information about how to configure corporate DNS for a federation server, see Add a Host (A) Resource Record to Corporate DNS for a Federation Server.

如需有關如何聯盟的 proxy 伺服器設定周邊網路中的資訊,聯盟的 Proxy 伺服器的名稱解析需求For information about how to configure federation server proxies in the perimeter network, see Name Resolution Requirements for Federation Server Proxies.

也了See Also

Windows Server 2012 中的 AD FS 設計指南AD FS Design Guide in Windows Server 2012