
Installation of AD FS 2.0 federation proxy

Federation Proxy is required to service federated authentication requests when the user is situated outside of the corporate network.

This walkthrough provides a preview of the steps required to set up an AD FS proxy server in your environment so that you can enable external access to a claims-aware on-premises solution or a cloud solution hosted by your SaaS provider.

ADFS Proxy Step1 Ensure SSL Binding

The first step in the process is to make sure that an SSL binding exists for the Default Web Site on the IIS server. Without this binding, the AD FS 2.0 configuration wizard reports an error.

ADFS Proxy Step2 Request New Certificate

The process for requesting certificates needs to be initiated from a domain machine which has appropriate enroll privileges on the Web Server certificate template or any other template which complies with your enterprise Certificate Practice Statement.

Start the “Request New Certificate” wizard as shown. Follow the prompts until you see the following screen.

ADFS Proxy Step3 Select-Cert Template

This is where the appropriate certificate template is selected. In this case, the Web Server certificate template is selected.

Click on the Details and Properties button to provide necessary information about the certificate.

ADFS Proxy Step4 Provide Certificate Properties

Provide the common name of the certificate as specified. This is the most important information about the certificate. It needs to be one of the following:

  • DNS name of the proxy server if deployed in a standalone mode
  • DNS name of the load balancer behind which a farm of servers exists.

ADFS Proxy Step5 Provide FriendlyName

Switch to the General tab and provide a friendly name for ease of reference.

ADFS Proxy Step5 Make Key Exportable

Switch to the Private Key tab and make the key exportable. This is required as we need to export the certificate off this computer onto our ADFS Federation Proxy Server.

ADFS Proxy Step6 Enroll For Certificate

Complete the wizard and then click Enroll.

ADFS Proxy Step7 Copy Certificate

Copy the certificate onto the ADFS Federation Proxy Server and start the Certificate Import Wizard from IIS.
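Before starting the proxy wizard, the certificate import and the SSL binding from the steps above can be checked from PowerShell on the proxy server. This is an added example, not part of the original walkthrough; it assumes the IIS WebAdministration module is available, and `adfsproxy.example.com` is a placeholder for the common name chosen in Step 4.

```powershell
# Added example: pre-flight check on the federation proxy, run before the wizard.
# Assumption: 'adfsproxy.example.com' is a placeholder for the common name from Step 4.
param(
    [string]$CertificateCommonName = 'adfsproxy.example.com',
    [string]$SiteName = 'Default Web Site'
)
Import-Module WebAdministration
$simpleName = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
$now = Get-Date
$problems = @()

# 1. A certificate with the expected subject CN must be in the machine store.
$certs = @(Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.GetNameInfo($simpleName, $false) -eq $CertificateCommonName })
if ($certs.Count -eq 0) {
    $problems += "No certificate with CN=$CertificateCommonName in LocalMachine\My"
}

# 2. It must carry its private key (exported with the key, not a .cer copy) and be in date.
$usable = @($certs | Where-Object {
    $_.HasPrivateKey -and $_.NotBefore -le $now -and $_.NotAfter -gt $now })
if ($certs.Count -gt 0 -and $usable.Count -eq 0) {
    $problems += 'Matching certificate has no private key or is outside its validity period'
}

# 3. The site needs an https binding (bindingInformation is "IP:port:host";
#    this simple split assumes an IPv4 or wildcard address).
$ports = @(Get-WebBinding -Name $SiteName -Protocol https |
    ForEach-Object { ($_.bindingInformation -split ':')[1] })
if ($ports.Count -eq 0) {
    $problems += "No https binding on '$SiteName'"
}

# 4. The certificate bound on that port must be one of the usable ones.
$thumbs = @($usable | ForEach-Object { $_.Thumbprint })
$bound = @(Get-ChildItem IIS:\SslBindings | Where-Object {
    ($ports -contains [string]$_.Port) -and ($thumbs -contains $_.Thumbprint) })
if ($ports.Count -gt 0 -and $usable.Count -gt 0 -and $bound.Count -eq 0) {
    $problems += 'https binding does not use the imported certificate'
}

if ($problems.Count -eq 0) { 'OK: certificate and SSL binding are in place' }
else { $problems | ForEach-Object { "FAIL: $_" } }
```

Run it from an elevated PowerShell session, since reading the IIS configuration requires administrative rights.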

ADFS Proxy Step8 Start ADFS Proxy Wizard

Now start the AD FS 2.0 Federation Server Proxy Configuration Wizard.

ADFS Proxy Step9 Provide ADFS Farm Name

Provide the name of the AD FS 2.0 Federation Server (or the name of the farm).

Follow the instructions as specified.

ADFS Proxy Step10 Provide Service Account Name

Provide the domain information of a user account that will be used for communication with the federation server.

ADFS Proxy Proxy Trust Token Issue

This error means that the account presented in the previous step doesn't have the required permissions to issue the proxy trust token, which is used to identify the AD FS proxy server(s).

ADFS Proxy Step10 Provide Service Account Name

If the account being used in the previous step was different from the ADFS service account provided during the setup of the federation server, then it needs to be added as a local admin to the federation server. If not, the service account should work just fine.

ADFS Proxy Ready to Apply Settings

We are now ready to establish trust between the federation proxy and the federation server.

ADFS Proxy Apply Settings

Sit back and enjoy the progression of the steps as the process moves forward.
