不成功的ADFS实施 [英] Unsuccessful ADFS Implementation
问题描述
问候,
我已按照Windows Server 2008 R2中AD FS分步指南中的所有步骤进行操作 - 逐步指南,以使ADFS正常工作。
http://technet.microsoft.com/en-us/library/dd378921(WS.10).aspx
< p style ="">以下是我的配置与指南之间的差异。
1。计算机帐户名称。
2. 用户帐户名称
3. 安全组名称
4. 域名
5. 我的两个域之间有一个防火墙
6. 我编辑了示例网站配置文件以指向我创建的服务器的URL。
设置如下:
内部公司域名:
1. 帐户联合服务器
2。客户端计算机
外部AD域(DMZ)
1.运行ADFS代理和网站创建的Web服务器来自 http://technet.microsoft.com/en- us / library / dd378924(WS.10).aspx 。
2。资源联合服务器
域名由防火墙分隔,允许所有参与的DMZ服务器和内部网络之间的双向HTTP / HTTPS流量。
在我的客户端上,我执行了从所有三台服务器导入服务器证书的步骤。 http://technet.microsoft.com/en-us/library/dd391954(WS.10).aspx
当我到达"从客户端计算机访问声明感知应用程序"部分时,我开始遇到问题。
当我到达本节的第2步时,我尝试访问帐户联合服务器的URL,此服务器位于防火墙的同一侧以及与客户端相同的域,页面保持空白,并带有"锁定"状态。 aks"security
report"在网址末尾。 在这里,我可以查看证书并安装它没有问题。
当尝试对DMZ中的Web服务器和资源联合服务器的HTTPS URL执行相同操作时,页面超时并转到"Internet Explorer无法显示网页"。
因此,我无法继续前进并成功完成最后一步。 这些步骤是:
3。转到https://adfsweb.treyresearch.net/claimapp/。当系统提示您输入主页时,请单击 A. Datum
Corporation ,然后点击 Submit 。
4。此时 SSO示例应用程序 在浏览器中显示
。您可以在 SingleSignOnIdentity.SecurityPropertyCollection section
示例应用程序。
非常感谢任何帮助。
为什么你在安装ADFS v1而不是v2吗?
Greetings,
I have followed all of the steps in the step by step guide for AD FS in Windows Server 2008 R2 Step-by-Step Guide in an effort to get ADFS working.
http://technet.microsoft.com/en-us/library/dd378921(WS.10).aspx
The following are the differences between my configuration and the guide.
1. Computer Account Names.
2. User Account Names
3. Security Group Names
4. Domain Names
5. There is a Firewall between my two Domains
6. I have edited the sample website config file to point to the URLS of the servers I created.
The setup is as follows:
Internal corporate Domain:
1. Account Federation Server
2. Client computer
External AD Domain (DMZ)
1. Web Server running ADFS Agent and website created from http://technet.microsoft.com/en-us/library/dd378924(WS.10).aspx.
2. Resource Federation Server
The domains are seperated by a Firewall which allows for bi-directional HTTP/HTTPS traffic between all participating DMZ servers and the internal network.
On my client, I have performed the steps to import the server certificates from all three servers. http://technet.microsoft.com/en-us/library/dd391954(WS.10).aspx
When I reach the section "Access the claims-aware application from the client computer", I begin to have problems.
When I reach step 2 of this section, I attempt to access the URL for the account federation server, this server is on the same side of the firewall as well as the same domain as the client, the page remains blank with a "lock" aks "security report" at the end of the URL. Here I can view the certificate an install it with no problem.
When attempting to do the same for the HTTPS URL's of the web server and resource federation server in the DMZ, the page times out and goes to "internet explorer cannot display the webpage".
Therefore, I can never move on and complete the last steps successfully. Those steps are:
3. Go to https://adfsweb.treyresearch.net/claimapp/. When you are prompted for your home realm, click A. Datum Corporation, and then click Submit.
4. At this point SSO Sample Application appears in the browser. You can see which claims were sent to the Web server in theSingleSignOnIdentity.SecurityPropertyCollection section of the sample application.
Any help is greatly appreciated.
Why are you installing ADFS v1 instead of v2?
这篇关于不成功的ADFS实施的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
