1
00:00:07,060 --> 00:00:10,720
To understand the configuration process for AD FS,

2
00:00:10,720 --> 00:00:17,640
you must first understand all of the components that are part of AD FS.

3
00:00:18,130 --> 00:00:26,380
These components work together to provide a complete solution for claims-based authentication within

4
00:00:26,380 --> 00:00:29,380
an organisation or between organisations.

5
00:00:30,130 --> 00:00:35,740
Let's review the following list of AD FS components.

6
00:00:36,340 --> 00:00:39,160
The first component is Federation server.

7
00:00:39,730 --> 00:00:48,310
What it does: the Federation server issues, manages, and validates requests involving identity claims.

8
00:00:49,090 --> 00:00:57,190
All implementations of AD FS require at least one federation service for each party to participate

9
00:00:57,190 --> 00:00:57,880
in party.

10
00:00:59,430 --> 00:01:05,580
The next component is Federation server proxy and Web Application Proxy.

11
00:01:06,210 --> 00:01:13,800
What it does: the Federation server proxy is an optional component that you usually deploy in a

12
00:01:13,800 --> 00:01:14,940
perimeter network.

13
00:01:15,330 --> 00:01:24,270
It does not add any functionality to the AD FS deployment, but it is deployed to provide a layer

14
00:01:24,270 --> 00:01:31,860
of security enhancement for connections from the Internet to the Federation server. In Windows Server

15
00:01:31,860 --> 00:01:33,060
2016,

16
00:01:33,360 --> 00:01:39,420
the Federation server proxy functionality is part of Web Application Proxy.

17
00:01:40,380 --> 00:01:42,900
Next up is the claims component.

18
00:01:43,260 --> 00:01:51,990
A claim is a statement that is made by a trusted entity about an object such as the user.

19
00:01:52,410 --> 00:02:01,020
The claim can include the user name, job title or any other factor that might be used in an authentication

20
00:02:01,020 --> 00:02:01,620
scenario.

21
00:02:03,060 --> 00:02:05,820
Another component is claims rules.

22
00:02:06,480 --> 00:02:12,960
What it does: claim rules determine how federation services process claims.

23
00:02:13,530 --> 00:02:22,590
For example, a claims rule might say that an email address is accepted as a valid claim, or that a group

24
00:02:22,590 --> 00:02:31,860
name from one organization is translated into an application-specific role in the other organization.

25
00:02:32,280 --> 00:02:37,230
The rules are usually processed in real time as claims are made.

26
00:02:39,090 --> 00:02:41,880
The next component is attribute store.

27
00:02:43,270 --> 00:02:47,950
AD FS uses an attribute store to look up claims values.

28
00:02:48,310 --> 00:02:56,860
AD DS is a common attribute store that is available by default because the Federation server role

29
00:02:57,130 --> 00:03:00,520
must be installed on a server joined to the domain.

30
00:03:01,640 --> 00:03:04,220
Next up is claims provider.

31
00:03:04,580 --> 00:03:13,670
What it does: the claims provider trust contains the configuration data that defines the rules under

32
00:03:13,670 --> 00:03:23,270
which a client might request claims from a claims provider and subsequently submit them to a relying party.

33
00:03:23,870 --> 00:03:30,620
The trust consists of various identifiers such as names, groups and rules.

34
00:03:32,440 --> 00:03:37,180
Next up is relying party trust. The relying party

35
00:03:37,190 --> 00:03:48,970
trust consists of AD FS configuration data that is used to provide claims about a user or client to a relying

36
00:03:49,120 --> 00:03:49,770
party.

37
00:03:50,200 --> 00:03:54,700
It consists of various identifiers such as names, groups and rules.

38
00:03:56,540 --> 00:04:06,140
The next component is certificates. AD FS uses digital certificates when communicating over Secure

39
00:04:06,230 --> 00:04:13,900
Sockets Layer, or SSL, or as a part of the token issuance process,

40
00:04:14,390 --> 00:04:23,570
the token receiving process, and the metadata publishing process. Digital certificates also are used

41
00:04:23,570 --> 00:04:25,100
for token signing.

42
00:04:25,980 --> 00:04:35,910
And lastly, endpoints. What it does: endpoints are Windows Communication Foundation mechanisms that enable

43
00:04:36,750 --> 00:04:44,480
access to AD FS technologies, including token issuance and metadata publishing.

44
00:04:45,060 --> 00:04:52,230
AD FS comes with built-in endpoints that are responsible for specific functionalities.

45
00:04:53,320 --> 00:04:56,770
Next up, we'll be talking about AD FS requirements.