1
00:00:07,360 --> 00:00:15,610
A claims provider trust, which you configure on the relying party federation server, identifies

2
00:00:15,610 --> 00:00:24,010
the claims provider and describes how the relying party consumes the claims the claims provider issues.

3
00:00:24,940 --> 00:00:32,890
You must configure a claims provider trust for each claims provider. A claims provider trust for the

4
00:00:32,890 --> 00:00:35,740
local AD DS is configured by default.

5
00:00:36,610 --> 00:00:41,770
You must configure any additional claims providers. By default, the

6
00:00:42,040 --> 00:00:48,730
AD FS server is configured with a claims provider trust named Active Directory.

7
00:00:49,300 --> 00:00:52,840
This trust defines the claim rules, which

8
00:00:54,250 --> 00:01:03,310
are all acceptance transform rules that define how the AD FS server accepts AD DS credentials.

9
00:01:04,130 --> 00:01:12,380
For example, the default claim rules from the claims provider trust include rules that transmit

10
00:01:12,860 --> 00:01:20,260
usernames, security identifiers or SIDs, and group SIDs to the relying party.

11
00:01:21,910 --> 00:01:23,530
In a single-organization

12
00:01:23,800 --> 00:01:33,250
AD FS deployment where AD DS authenticates all users, the default claims provider trust might

13
00:01:33,250 --> 00:01:36,250
be the only claims provider trust.

14
00:01:37,350 --> 00:01:42,510
When you expand the AD FS deployment to include other organizations,

15
00:01:43,110 --> 00:01:52,350
you must create additional claims provider trusts for each federated organization that is an identity

16
00:01:52,350 --> 00:01:53,190
provider.

17
00:01:54,070 --> 00:01:58,150
When configuring a claims provider trust, you have three options.

18
00:01:59,260 --> 00:02:06,310
Option one: import data about the claims provider through the federation metadata.
19
00:02:07,280 --> 00:02:14,540
If the AD FS federation server or federation server proxy is accessible through the network

20
00:02:14,540 --> 00:02:16,940
from your AD FS federation server,

21
00:02:17,630 --> 00:02:24,680
you can enter the hostname or URL for the partner federation server.

22
00:02:25,460 --> 00:02:34,940
Your AD FS federation server connects to the partner server and downloads the federation metadata from

23
00:02:34,940 --> 00:02:35,750
the server.

24
00:02:36,410 --> 00:02:43,310
The federation metadata includes all the information that is required to configure the claims provider

25
00:02:43,310 --> 00:02:43,850
trust.

26
00:02:45,460 --> 00:02:54,130
As part of the federation metadata download, the federation server also downloads the SSL certificate

27
00:02:54,550 --> 00:02:57,400
that is used by the partner federation server.

28
00:02:59,120 --> 00:03:04,730
Option two is to import data about the claims provider from a file.

29
00:03:05,710 --> 00:03:13,000
Use this option if the partner federation server is not directly accessible from your federation server,

30
00:03:13,600 --> 00:03:21,880
but the partner organisation has exported its configuration and provided you the information in a file.

31
00:03:22,840 --> 00:03:31,150
The configuration file must include configuration information for the partner organisation and the SSL

32
00:03:31,150 --> 00:03:35,800
certificate that the partner federation server uses.

33
00:03:37,880 --> 00:03:43,700
And the third option is to configure the claims provider trust manually.

34
00:03:44,300 --> 00:03:50,030
Use this option if you want to configure all of the settings for the claims provider trust.

35
00:03:50,930 --> 00:03:58,220
When you choose this option, you must provide the features that the claims provider supports and the

36
00:03:58,220 --> 00:04:04,760
URL that is used to access the claims provider AD FS servers.
37
00:04:05,600 --> 00:04:11,450
You must also add the SSL certificate that the partner organization uses.

38
00:04:12,720 --> 00:04:17,400
Next up we'll be talking about what is a relying party trust.