What is Active Directory Federation Services used for?

Active Directory Federation Services is a feature and web service in the Windows Server Operating System that allows sharing of identity information outside a company’s network. It authenticates users with their usernames and passwords.

Who uses Active Directory Federation Services?

Who uses Microsoft Active Directory Federation Services?

Company Website Country
Univera, Inc. univera.com United States
BROOKINGS INSTITUTION brookings.edu United States
Zimmerman Advertising LLC zadv.com United States
Federal Emergency Management Agency fema.gov United States

Why AD FS is required?

ADFS allows users from one organization to access applications of partner organizations using the standard credentials of their organization’s Active Directory (AD). ADFS also lets users access AD-integrated applications while working remotely using their standard organizational AD credentials via a web interface.

What is domain federation?

A federated domain means, that you have set up a federation between your on-premises environment and Azure AD. In this case all user authentication is happen on-premises. When a user logs into Azure or Office 365, their authentication request is forwarded to the on-premises AD FS server.

What is federation protocol?

Federation: common standards and protocols to manage and map user identities between Identity Providers across organizations (and security domains) via trust relationships (usually established via digital signatures, encryption, and PKI).

What is Active Directory Service?

Active Directory (AD) is a database and set of services that connect users with the network resources they need to get their work done. The database (or directory) contains critical information about your environment, including what users and computers there are and who’s allowed to do what.

How Active Directory federation is different from domain trust?

Trust is typically between AD i.e. domains, typically within the same company. Federation is one level up i.e. between companies. The actual federation authentication is still a function of AD so if there are AD trusts between the various domains, federation will give access to all of them.