Active Directory Federation Services (AD FS) uses claims-based authentication to provide users with single sign-on (SSO), web-based access to resources, whether located internally, in a federated partner organization, or in the cloud. In Windows Server 2012 R2, AD FS offers a number of new capabilities, including device registration (Workplace Join) for device authentication and SSO, enhancements for multi-factor authentication to manage risk, unified and simplified customization of the sign-in experience, and the ability to offer a user password change capability when using a registered device. In this lab, configure AD FS to enable Workplace Join, configure a relying party trust, configure the Web Application Proxy server role to enable AD FS access for external clients, customize the AD FS sign-in page to improve the user experience, enable user password change for registered devices, and configure multi-factor authentication.
Click here to run this lab in a Virtual Machine.
Click here to view the lab manual
Code:
EM-IL203
Room:
Hall 7 ILL Room 3