Active Directory Federation Services (AD FS) is a Microsoft identity access solution. It was an optional component of Microsoft Windows Server® 2003 R2. It is now built into Windows Server® 2008 and Windows Server® 2012. AD FS helps to establish trust relationships and reduces the need for provisioning and managing user accounts. Its implementation provides clients (internal or external to the trusted internal LAN) with simplified access to systems and applications relying on claims-based authorization. AD FS also supports web Single-Sign-On (SSO) technologies to improve UX across multiple protected applications.

Trust relationships are used to project a user’s digital identity and access rights to trusted partners and can be deployed in multiple organisations to facilitate business-to-business (B2B) transactions between trusted partner organisations.

Document Purpose

This documentation is intended to provide guidance on how to configure LoadMaster products to provide high availability for an AD FS 2.0 environment. This documentation is created using a representative sample environment described later in the document. As this documentation is not intended to cover every possible deployment scenario it may not address unique setup or requirements. The Progress Kemp Support Team is always available to provide solutions for scenarios not explicitly defined.

Intended Audience

It is assumed that the reader is a server/network administrator or a person otherwise familiar with networking and general computer terminology and is familiar with AD FS technology.