AD FS 使用的跨平台規劃 1.xPlanning for Interoperability with AD FS 1.x

適用於:Windows Server 2016、Windows Server 2012 R2、Windows Server 2012Applies To: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

Active Directory 同盟服務 (AD FS) 聯盟伺服器執行 Windows Server® 2012 年能與這兩個 AD FS 1.0 交互操作 \(與 Windows Server 2003 R2\ 安裝)同盟服務與 AD FS 1.1 \(與 Windows Server 2008 或 Windows Server 2008 R2\ 安裝)同盟服務。Active Directory Federation Services (AD FS) federation servers running Windows Server® 2012 can interoperate with both an AD FS 1.0 (installed with Windows Server 2003 R2) Federation Service and an AD FS 1.1 (installed with Windows Server 2008 or Windows Server 2008 R2) Federation Service. 支援下列組合交互操作:Any of the following interoperability combinations are supported:

注意

AD FS 不支援或交互 1 AD FS 進行操作。x Windows NT 權杖型 Web 代理程式。AD FS does not support or interoperate with the AD FS 1.x Windows NT token–based Web agent.

AD FS 1。x-compatible 宣告,可以在 Windows Server 2012 中 AD FS 同盟服務,傳送並了解 AD FS 1 理賠要求。x同盟服務。An AD FS 1.x-compatible claim is a claim that can be sent by an AD FS Federation Service in Windows Server 2012 and understood by an AD FS 1.x Federation Service. 因此,AD FS 1。x同盟服務可以使用 AD FS 同盟服務會將傳送宣告,名稱 Identifier (ID) 宣告類型必須傳送。So that an AD FS 1.x Federation Service can consume the claims that an AD FS Federation Service sends, a Name Identifier (ID) claim type must be sent.

了解名稱 ID 宣告類型Understanding the Name ID claim type

名稱 ID 宣告類型是相當於的身分宣告輸入該 AD FS 1。x uses.The Name ID claim type is the equivalent of the identity claim type that AD FS 1.x uses. 每當您想要使用 AD FS 1 交互必須使用它。x.It must be used whenever you want to interoperate with AD FS 1.x. 名稱 ID 理賠要求輸入可讓 AD FS 1。x同盟服務或 AD FS 1。x以取用宣告傳送給 AD FS Windows Server 2012 中的,只要這些宣告傳送下表中名稱 ID 格式之一 claims\ 感知 Web 代理程式。The Name ID claim type enables either an AD FS 1.x Federation Service or the AD FS 1.x claims-aware Web agent to consume claims that AD FS in Windows Server 2012 sends, as long as these claims are sent in one of the Name ID formats in the following table.

來電顯示名稱的格式Name ID format 對應 URICorresponding URI
AD FS 1。x電子郵件地址AD FS 1.x Email Address http://schemas.xmlsoap.org/claims/EmailAddresshttp://schemas.xmlsoap.org/claims/EmailAddress
AD FS 1。x UPN 電子郵件AD FS 1.x Email UPN http://schemas.xmlsoap.org/claims/UPNhttp://schemas.xmlsoap.org/claims/UPN
一般的名稱Common Name http://schemas.xmlsoap.org/claims/CommonNamehttp://schemas.xmlsoap.org/claims/CommonName
群組Group http://schemas.xmlsoap.org/claims/Grouphttp://schemas.xmlsoap.org/claims/Group

在適當的格式只有一個名稱 ID 宣告必須傳送。Only one Name ID claim in the appropriate format must be sent. 當符合的條件是時,許多其他宣告可能會傳送,假設它們符合表格中所述的限制。When that criterion is satisfied, many other claims may be sent as well, assuming that they conform to the restrictions described in the table.

注意

AD FS 1。x同盟服務可以解譯開頭的 http://schemas.xmlsoap.org/claims/ 統一資源識別碼 (URI) 只傳入宣告類型。An AD FS 1.x Federation Service can interpret only incoming claim types that begin with the Uniform Resource Identifier (URI) of http://schemas.xmlsoap.org/claims/.

也了See Also

Windows Server 2012 中的 AD FS 設計指南AD FS Design Guide in Windows Server 2012