ADFS for Multiple AD Domain


Problem description




Hi,

I have a situation where I have a set of applications in the perimeter network.

I have an internal AD in the corporate network for our internal users.

I have to maintain a separate AD in the perimeter network for external users/customers who need access to the perimeter applications.

How many ADFS instances do I need?

Can I configure an ADFS instance in the corporate network and an ADFS proxy in the perimeter network?

Is it possible to add the internal AD and the perimeter AD to the internal ADFS instance to serve both internal and external users accessing the perimeter applications, without a trust between the internal AD and the perimeter AD?

Or do I need to set up 2 different ADFS instances, one for perimeter and one for internal? And in this case, how do I configure the application to redirect to multiple ADFS instances, to get STS for internal users from the internal ADFS and for external users from the perimeter ADFS?

Also, what should be the proxy server placement?

Thanks,


Soumen Ghosh

Solution

Normally, you would have a proxy in the perimeter and an ADFS in corporate and a split DNS so:

Perimeter e.g. login.company.com --> Proxy

Corporate e.g. login.company.com --> Corporate

In your case, you have two ADs, so you need two ADFS instances. You can't share multiple ADs across one instance of ADFS.

You could use split DNS to separate them, or have two different URLs.
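
A check for the split-DNS layout described in the answer (perimeter resolves `login.company.com` to the proxy, corporate resolves it to the ADFS server), as an added example that is not part of the original answer. The function name `Test-SplitDnsView` is hypothetical, and every IP address is a constructed placeholder to be replaced with the real resolver and endpoint addresses.

```powershell
# Added example: confirm that each network's DNS view sends login.company.com
# to the intended endpoint. All IP addresses are constructed placeholders.

function Test-SplitDnsView {
    param(
        [Parameter(Mandatory)] [string]   $Name,            # federation service name
        [Parameter(Mandatory)] [string]   $View,            # label used in the report
        [Parameter(Mandatory)] [string]   $DnsServer,       # resolver that serves this view
        [Parameter(Mandatory)] [string[]] $ExpectedAddress  # where this view should point
    )
    try {
        # -Server pins the query to one resolver; -DnsOnly uses only the DNS
        # protocol, so no LLMNR or NetBIOS fallback can mask a missing record.
        $answers = @(Resolve-DnsName -Name $Name -Type A -Server $DnsServer -DnsOnly -ErrorAction Stop |
            Where-Object { $_.Type -eq 'A' } |          # ignore CNAME rows in the answer
            ForEach-Object { $_.IPAddress })
    } catch {
        $answers = @()                                   # no answer counts as a failure
    }

    # Any address outside the expected set means this view leaks to the wrong endpoint.
    $unexpected = @($answers | Where-Object { $_ -notin $ExpectedAddress })

    [pscustomobject]@{
        View    = $View
        Server  = $DnsServer
        Answers = $answers -join ', '
        Ok      = ($answers.Count -gt 0) -and ($unexpected.Count -eq 0)
    }
}

$name = 'login.company.com'
$results = @(
    # Corporate view: internal resolver should return the ADFS server itself.
    Test-SplitDnsView -Name $name -View 'Corporate' -DnsServer '10.0.0.10' -ExpectedAddress '10.0.0.20'
    # Perimeter view: perimeter resolver should return the ADFS proxy only.
    Test-SplitDnsView -Name $name -View 'Perimeter' -DnsServer '192.0.2.10' -ExpectedAddress '192.0.2.20'
)
$results | Format-Table -AutoSize

if ($results.Ok -contains $false) {
    Write-Warning "Split DNS for $name does not match the intended design."
}
```

Run it from a host that can reach both resolvers; a perimeter view that returns the internal ADFS address indicates the internal record is being served outside the corporate network.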



