Which ports should be open on the firewall in the DMZ when ADFS is run?

Hi everyone,

I would like to know which ports should be open on the firewall in the DMZ when ADFS is run in an internal network environment.

Therefore could you let me know any articles which describe information regarding my requests?

Any information is welcome.

Thanks

August 25th, 2015 8:42am

Hello,

I would not suggest placing the ADFS server in the DMZ; just place an ADFS proxy (2012 R2 role) in the DMZ and open 443.

This one is a TechNet guide for O365, but you can probably use it for any ADFS services.

http://blogs.technet.com/b/rmilne/archive/2014/04/28/how-to-install-adfs-2012-r2-for-office-365.aspx

Best regards

Daniel

August 25th, 2015 8:49am

It may help:

Step-By-Step: Setting up AD FS Proxy Servers
http://blogs.technet.com/b/canitpro/archive/2013/06/21/step-by-step-setting-up-ad-fs-proxy-servers-via-single-sign-on-for-office-365.aspx

Understanding the AD FS 2.0 Proxy
http://blogs.technet.com/b/askds/archive/2012/01/05/understanding-the-ad-fs-2-0-proxy.aspx
August 25th, 2015 8:49am

Hello, Fendenko

Thank you very much for your instruction, which helped my understanding of ADFS.

These are very useful articles for me. I would like to build a single sign-on environment for any cloud service, provided by any vendor, with an ADFS proxy server.

Therefore I would like to confirm some issues, as follows:

1. Do the ADFS proxy and ADFS service support functions to provide "single sign-on" to any cloud service which is run by any cloud provider?

2. Can the ADFS service provide the Active Directory account ID, account/personal name, organization the account belongs to, and other properties of the Active Directory account to a cloud service?

3. If there are any restrictions when I use the ADFS service for building "single sign-on" with a cloud service working over the Internet, would you let me know?

Thanks again.

August 25th, 2015 10:51pm

Hi,
 
As far as I know, we are able to use ADFS to implement and manage single sign-on with a cloud service, at least with a Microsoft cloud service, for example Office 365 or Microsoft Intune.
 
With single sign-on configured, users should be able to sign in to the cloud service with their current Active Directory user account/corporate credentials.
 
For more information about ADFS, I would suggest you post in the dedicated forum, where you can get more experienced responses:
 
https://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=Geneva
 
The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding.
 

Regards,

Eth

August 26th, 2015 3:02am

This topic is archived. No further replies will be accepted.
