N/APosted on - 11/11/2011
In using a Windows access control server to validate certain programs that require the single sign-on access to the system, what is your recommended composition of the server? Should the directory federation services be placed in the main server or at each terminal?
Can you recommend me composition of the server using Windows access?
The directory Federation service is mainly required to providers the users with single sign-on access to the systems and the applications that they use which are located across the boundaries of the organization, and they use control authorization model that is claim-based in making sure that there is security for the applications and also federal identity is implemented.
My suggestion will be that you place active directory federation service at each terminal, so as the FS on side of the server will be used to authenticate the user by the use of standard means in the active directory DS, issuing claim about the user and other information that will be used to identify them. The token will then be validated on the other terminal by another FS and then accept the users claimed identity.