BPuhl’s Blog

A little bit of everything without actually being much of anything

Happy Birthday (Microsoft IT) Federation

Posted by BPuhl on January 10, 2008

Long long ago, in a weblog far, far away, I published a few posts about our experiences deploying ADFS. 

This afternoon, for the second time, we replaced our token-signing certificate for our internal federation servers.  Since we have a 1-year expiration on the certificates we use, this means that our ADFS deployment has celebrated its second birthday.

I’m happy to report that we’re actually making quite a bit of use of ADFS with our partners.  A couple of highlights:

–  We federated with our regional payroll provider to provide SSO for employees.  This was notable because the vendor didn’t previously support any federation and, due to their back-end systems, they weren’t able to use ADFS.  Instead, we introduced them to a partner in the identity space who was able to help us tie it all together.

–  Major Microsoft internal conferences now use ADFS for sign-on and registration.  This was an important first step, because our partner that provides these services also provides them for the major Microsoft public conferences.  Federated identities are on the way…

–  Using ADFS to provide access tokens to Extranet (DMZ) based applications.

–  Running on Windows Server 2008 ADFS for many months without a hitch!


Nice work to the ADFS product group, and the MS IT operations/engineering guys who have taken us this far.

