Tuesday, March 6, 2012

Installing and configuring ADFS v. 2.0 for Developers

In order to configure and install ADFS v.2 0, you will first need to set up a domain controller just as you did with ADFS v. 1.0.

For instructions on how to set up a domain controller in a virtual machine, you can check out this earlier post: http://samirvaidya.blogspot.com/2011/09/setting-up-domain-controller-in-virtual.html

After you have set up and configured your domain controller, you will need to download the following components:

  1. ADFS v. 2.0 RTW: http://www.microsoft.com/download/en/details.aspx?id=10909
  2. ADFS v. 2.0 Update Rollup 2: http://support.microsoft.com/kb/2681584
  3. Windows Identity Foundation Runtime: http://www.microsoft.com/download/en/details.aspx?id=17331
Once you have downloaded the necessary components, you will need to install them.  Since Windows Identity Foundation Runtime is a prerequisite for ADFS v. 2.0, you need to install this PRIOR to installing ADFS v. 2.0.

Many of these steps are similar to what has been described in this article: http://www.sysadminsblog.com/microsoft/installing-and-configuring-adfs-2-0/

However, I have made some slight modifications for testing/development purposes.

  1. Instead of using a 3rd party SSL Certificate, simply create a Self-Signed Certificate from within the IIS Manager Console and assign the SSL Certificate Bindings to the Default Web Site.  Alternatively, if you do not want to deal with error messages about the SSL Certificate in the browser, you can instead use SelfSSL7: http://blogs.iis.net/thomad/archive/2010/04/16/setting-up-ssl-made-easy.aspx
  2. Instead of creating a New Federation server Farm, simply create a Stand-alone federation Server.
  3. When proceeding through the Active Directory Federation Server Wizard, you will be allowed to select or view the Website with the SSL Certificate that you just configured.
  4. If you will also be installing SharePoint 2010 on the same machine as ADFS, you will need to look at this article: http://support.microsoft.com/kb/896861.  Since the SharePoint site will also need to be on a secured IIS Web Site, you will have to assign it a different host header name than the server's name.  If the loop back check has not been disabled, you will be unable to render the SharePoint site using the different host name.
  5. If you are planning on using ADFS in conjunction with SharePoint, you may also want to look at the advice in this article: http://blogs.technet.com/b/speschka/archive/2011/07/13/you-may-experience-slowness-when-using-saml-claims-with-sharepoint-2010.aspx
  6. If everything works correctly, you will have successfully installed and configured ADFS v. 2.0!




If you are planning to now use your ADFS v. 2.0 installation for a server installation of SharePoint 2010, you can follow the instructions outlined in this article: http://blogs.technet.com/b/speschka/archive/2010/07/30/configuring-sharepoint-2010-and-adfs-v2-end-to-end.aspx

If you are considering using Windows Server 2012 for your ADFS v. 2.0 deployment with SharePoint 2010, you can follow this article: http://social.technet.microsoft.com/wiki/contents/articles/11135.sharepoint-2010-how-to-install-and-configure-adfs-for-sharepoint-2010-on-windows-server-8-en-us.aspx

No comments:

Post a Comment