First, I'm not saying I am a specialist in Active Directory Federation Services (ADFS), but I've been busy with Office 365 and ADFS lately. There are a lot of great sites out there describing the installation and configuration of ADFS, but some issues aren't mentioned anywhere. For instance, use the Azure AD Connect tool to set up and configure the Azure AD synchronization (one-way synchronization from your own Active Directory towards Azure Active Directory). If, as in our case, ADFS is needed for provisioned Citrix servers, and a specific server is placed in the DMZ to facilitate this, Azure AD Connect also provides the necessary functionality to create an ADFS configuration. It also provides functionality to create federation for more than one (standard) domain!



One other thing worth mentioning: to be able to log on automatically within a browser, one needs to configure the logon settings. As an example, here are the settings for Internet Explorer (also possible using a GPO):




  • Go to Security tab, Internet

  • Choose Custom Level

  • Scroll down to User Authentication, Logon and choose Automatic logon with current user name and password
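
The Logon choice in the steps above is stored as the DWORD value `1A00` under the zone's registry key (zone 3 is Internet); a value of 0 means the browser answers integrated-authentication challenges from any site in that zone with the logged-on user's credentials. The PowerShell below is an added example, not from the original post, that reports the value per zone from the user, machine and policy hives, so the setting (or a GPO that pushes it) can be verified. The function name `Get-ZoneLogonSetting` is hypothetical.

```powershell
# Added example: audit "User Authentication > Logon" (value 1A00) for every security zone.
$zoneNames = @{ 0 = 'My Computer'; 1 = 'Local intranet'; 2 = 'Trusted sites'
                3 = 'Internet';    4 = 'Restricted sites' }

# Documented data values for 1A00.
$logonModes = @{
    0x00000 = 'Automatic logon with current user name and password'
    0x10000 = 'Prompt for user name and password'
    0x20000 = 'Automatic logon only in Intranet zone'
    0x30000 = 'Anonymous logon'
}

# Per-user and per-machine settings, plus the locations a GPO writes to.
$roots = [ordered]@{
    'User'           = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
    'Machine'        = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
    'User policy'    = 'HKCU:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
    'Machine policy' = 'HKLM:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
}

# Hypothetical helper name; returns one object per zone key that defines 1A00.
function Get-ZoneLogonSetting {
    foreach ($root in $roots.GetEnumerator()) {
        foreach ($zone in 0..4) {
            $key  = Join-Path $root.Value "$zone"
            $prop = Get-ItemProperty -Path $key -Name '1A00' -ErrorAction SilentlyContinue
            if ($null -eq $prop) { continue }   # key or value not present in this hive

            $value = [int]$prop.'1A00'
            [pscustomobject]@{
                Source = $root.Key
                Zone   = $zoneNames[$zone]
                Value  = '0x{0:X8}' -f $value
                Mode   = if ($logonModes.ContainsKey($value)) { $logonModes[$value] } else { 'Unknown' }
                # Flag automatic logon in the Internet zone: it applies to every site in that zone.
                Review = ($zone -eq 3 -and $value -eq 0)
            }
        }
    }
}

Get-ZoneLogonSetting | Format-Table -AutoSize
```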



Below are some sites which were very helpful:





For the rest, it comes down to just doing the installation and configuration. Keep in mind it's only a one-way synchronization, so the on-premises Active Directory isn't affected.

