Implementing Windows Server 2016 Identity Federation and Access

Identity federation and access control allow you to authenticate users inside & outside your corporate domain, and provide secure access to applications and content. This course will teach you how to install and configure ADFS in Windows Server 2016.
Course info
Rating
(19)
Level
Intermediate
Updated
Jun 19, 2017
Duration
3h 25m
Table of contents
Description
Course info
Rating
(19)
Level
Intermediate
Updated
Jun 19, 2017
Duration
3h 25m
Description

More users today are working outside the traditional corporate office, and they require seamless, secure access to applications and content on the corporate network, as well as in the cloud. In this course, Implementing Windows Server 2016 Identity Federation and Access, you'll receive the most up to date knowledge on authenticating and authorizing users using Active Directory Federation Services (ADFS), Web Application Proxy (WAP), and Active Directory Rights Management Services (AD RMS). First, you'll learn how to install and configure ADFS to authenticate users using new methods in 2016, like device authentication and Azure MFA for primary authentication, as well as how to use ADFS to provide seamless single sign-on to applications in the cloud and on-premises. Next, you'll cover how to publish applications to the Internet using Web Application Proxy. Finally, you'll explore how to protect content from being viewed, edited, and printed by certain users and groups, using AD RMS. When you're finished with this course, you'll have the skills and knowledge needed to provide flexible authentication methods to your users, and provide secure access to documents and applications.

About the author
About the author

Neil is a solutions architect and developer, with a passion for web development, architecture, and security. He has worked in large and small IT organizations, written articles on development, and spoken at local .NET user groups. Neil has several Microsoft Certifications, including MCPD, MCSA, and MCSD.

More from the author
Managing Microsoft Azure App Services
Beginner
1h 56m
Sep 14, 2018
More courses by Neil Morrissey
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, my name is Neil Morrissey, welcome to my course on Windows Server 2016 Identity Federation and Access. I'm a solutions architect and developer, and I'm really excited to present these powerful technologies to you. As businesses become more interdependent, and users are working outside the traditional corporate office, there's a need to enable access to resources outside security confines of an organizations network. Active Directory Federation Services allows you to seamlessly provide access to your resources inside or outside the organization, and in the cloud. You can expose internal systems to the internet safely, using Microsoft's Web Application Proxy, and control access to sensitive documents using Rights Management Services. Together, this suite of technologies in Windows Server 2016 enables you to centralize authentication, abstract it away from individual applications, and control access to systems and information. Some of the major topics we'll cover in this course include federating Microsoft Azure and Office 365 with your on premises active directory, using ADFS, configuring the new primary authentication providers in ADFS, like Azure MFA, device authentication, and Microsoft Passport. We'll expose applications to the internet using Web Application Proxy, and you'll learn how to protect content with Rights Management Services, which allows permissions to travel with a document, using information rights management. By the end of this course, you'll be able to install and configure these technologies on premises, integrate them with the cloud, and provide new authentication and authorization options to your users. I hope you'll join me on this journey to learn about ADFS, Web Application Proxy, and AD RMS, in this Windows Server 2016 Identity Federation and Access course, at Pluralsight.

Integrating ADFS with Other Technologies
This module is focused on some of the integration points for ADFS with other technologies. ADFS in Windows Server 2016 has really moved to providing seamless authentication across the corporate network and the cloud, because organizations are increasingly adopting a hybrid model. So to follow along with some of the clips, you'll need at least a trial subscription to Azure. We're going to start by synchronizing our on-premises Active Directory to Azure, using Azure AD Connect. So we can use ADFS on-premises to authenticate users to cloud apps, then we'll look at multi-factor authentication in ADFS 2016. In particular, we'll configure the new features of Azure MFA, so we can use it for both second factor authentication, and for primary authentication, eliminating the need for a password. Then we'll look at device registration, which lets devices like Windows computers or iOS and Android devices, be registered with Azure AD and On-premises AD, so you the administrator can control access based on the status of those devices. Users then have single sign on by virtue of their device being registered, again eliminating the need to use a password. Then we'll look at Windows Hello for Business, formerly called Microsoft Passport. This provides a new, more secure way to authenticate users, and takes advantage of the capabilities of Windows 10. Next we'll configure Office 365 to use on-premises ADFS to authenticate and authorize users, and lastly, we'll use ADFS to authenticate users stored in an LDAP directory.