1
00:00:06,500 --> 00:00:14,900
To understand the configuration process for AD FS, you must first understand all of the components

2
00:00:14,960 --> 00:00:16,520
that are part of it.

3
00:00:16,670 --> 00:00:25,130
First, these components work together to provide a complete solution for claims-based authentication

4
00:00:25,460 --> 00:00:28,820
within an organisation or between organisations.

5
00:00:29,540 --> 00:00:35,180
Let's review the following list of AD FS components.

6
00:00:35,780 --> 00:00:38,600
The first component is federation server.

7
00:00:39,170 --> 00:00:47,750
What it does: the federation server issues, manages, and validates requests involving identity claims.

8
00:00:48,500 --> 00:00:56,630
All implementations of AD FS require at least one federation service for each party to participate

9
00:00:56,630 --> 00:00:57,310
in party.

10
00:00:58,860 --> 00:01:05,010
The next component is federation server proxy and Web Application Proxy.

11
00:01:05,640 --> 00:01:13,830
What it does: the federation server proxy is an optional component that you usually deploy in a perimeter

12
00:01:13,830 --> 00:01:14,370
network.

13
00:01:14,760 --> 00:01:23,700
It does not add any functionality to the AD FS deployment, but it is deployed to provide a layer

14
00:01:23,700 --> 00:01:30,840
of security enhancement for connections from the internet to the federation server. In Windows

15
00:01:30,840 --> 00:01:32,520
Server 2016,

16
00:01:32,790 --> 00:01:38,850
the federation server proxy functionality is part of Web Application Proxy.

17
00:01:39,810 --> 00:01:42,330
Next up is claims component.

18
00:01:42,690 --> 00:01:51,390
A claim is a statement that is made by a trusted entity about an object such as the user.

19
00:01:51,840 --> 00:02:00,450
The claim can include the user name, job title or any other factor that might be used in an authentication

20
00:02:00,450 --> 00:02:01,080
scenario.

21
00:02:02,490 --> 00:02:05,250
Another component is claims rules.

22
00:02:05,910 --> 00:02:12,390
What it does: claim rules determine how federation servers process claims.

23
00:02:12,960 --> 00:02:21,600
For example, a claims rule might say that an email address is accepted as a relative claim, or that

24
00:02:21,600 --> 00:02:31,290
a group name from one organization is translated into an application-specific role in the other organization.

25
00:02:31,740 --> 00:02:36,660
The rules are usually processed in real time as claims are made.

26
00:02:38,520 --> 00:02:41,310
The next component is Attributes Store.

27
00:02:42,700 --> 00:02:47,380
AD FS uses an attribute store to look up claims values.

28
00:02:48,170 --> 00:02:56,920
This is a common attribute store that is available by default because the federation server role must

29
00:02:56,920 --> 00:02:59,950
be installed on a server joined to the domain.

30
00:03:01,050 --> 00:03:03,660
Next up is claims provider.

31
00:03:03,990 --> 00:03:13,080
What it does: the claims provider trust contains the configuration data that defines the rules under

32
00:03:13,080 --> 00:03:22,710
which a client might request claims from a claims provider and subsequently submit them to a relying party.

33
00:03:23,310 --> 00:03:30,030
The trust consists of various identifiers such as names, groups and rules.

34
00:03:31,850 --> 00:03:36,620
Next up is relying party trust. The relying party

35
00:03:36,620 --> 00:03:48,420
trust consists of AD FS configuration data that is used to provide claims about a user or client to a

36
00:03:48,470 --> 00:03:49,200
relying party.

37
00:03:49,640 --> 00:03:54,140
It consists of various identifiers such as names, groups and rules.

38
00:03:56,000 --> 00:03:59,780
The next component is certificates.

39
00:04:00,360 --> 00:04:09,980
AD FS uses digital certificates when communicating over Secure Sockets Layer, or SSL, or as a part

40
00:04:09,980 --> 00:04:13,340
of the token issuance process,

41
00:04:13,820 --> 00:04:23,000
the token receiving process and the metadata publishing process. Digital certificates also are used

42
00:04:23,000 --> 00:04:27,710
for token signing. And lastly, endpoints.

43
00:04:27,980 --> 00:04:37,730
What it does: endpoints are Windows Communication Foundation mechanisms that enable access to AD FS

44
00:04:37,730 --> 00:04:43,910
technologies, including token issuance and metadata publishing.

45
00:04:44,490 --> 00:04:51,680
AD FS comes with built-in endpoints that are responsible for specific functionalities.

46
00:04:52,730 --> 00:04:56,180
Next up, we'll be talking about AD FS requirements.