GAPTHEGURU

Geek with special skills

ADFS 2.0

Active Directory Federation Services (AD FS) 2.0 helps IT enable users to collaborate across organizational boundaries and easily access applications on-premises and in the cloud. And, AD FS helps maintain application security. Through a claims-based infrastructure, IT can enable a single sign-on experience for end-users to applications. Such a claims-based infrastructure does not require a separate account or password, whether applications are located in partner organizations or hosted in the cloud.
Back to the top

MORE INFORMATION

System requirements
To implement AD FS 2.0, the computer must run one of the following Windows operating systems:• Windows Server 2008 R2 (64-bit):◦Datacenter Edition
◦Enterprise Edition
◦Standard Edition
◦Embedded Solution Edition
◦Small Business Solutions Edition
◦Small Business Solutions EM Edition
◦Small Businesses Server Standard Edition
◦Small Businesses Server Premium Edition
◦Solutions Premium Edition
◦Solutions Edition
◦Solutions EM Edition
◦Foundation Server Edition
◦Small Businesses Edition
◦Essential Additional Edition
◦Essential Additional Svc Edition
◦Essential Management Edition
◦Essential Management Svc Edition

• Windows Server 2008 together with Service Pack 2 (32-bit or 64-bit): ◦Datacenter Edition
◦Datacenter without Hyper-V Edition
◦Enterprise Edition
◦Enterprise without Hyper-V Edition
◦Standard Edition
◦Medium Business Management Edition
◦Medium Business Messaging Edition
◦Medium Business Security Edition
◦Small Business Server Premium Edition
◦Small Business Server Standard Edition
◦Small Business Server Prime Edition
◦Small Businesses Edition
◦Small Businesses Edition without Hyper-V

To install AD FS 2.0, the following software and hotfixes must be installed. If they are not installed when AD FS 2.0 is installed, the AD FS 2.0 Setup program installs them automatically. • The Microsoft .NET Framework 3.5 together with Service Pack 1

Note This software is automatically installed only when the computer is running Windows Server 2008 R2.
• Windows PowerShell
• Internet Information Services (IIS) 7
• Windows Identity Foundation (WIF)
•Software updates and hotfixes

Windows Server 2008 R2

The following hotfix must be installed on computers that are running Windows Server 2008 R2:
981002 A hotfix rollup is available for Windows Communication Foundation in the .NET Framework 3.5 Service Pack 1 for Windows 7 and Windows Server 2008 R2
Windows Server 2008

The following software updates and hotfixes must be installed on computers that are running Windows Server 2008 SP2:
968389 Extended Protection for Authentication

970430 Description of the update that implements Extended Protection for Authentication in the HTTP Protocol Stack (http.sys)

973917 Description of the update that implements Extended Protection for Authentication in Internet Information Services (IIS)

975955 A hotfix is available that adds an endpoint behavior that lets services use multiple threads to receive secure messages in the .NET Framework 3.5 Service Pack 1

981201 A hotfix is available for ASP.NET 2.0 that enables support for extended protection

981202 A hotfix is available that enables support for extended protection for the .NET Framework 3.5 Service Pack 1 in Windows Vista and in Windows Server 2008

981205 A hotfix is available that adds the Extended Protection for Authentication feature to WCF in the .NET Framework 3.5 Service Pack 1 for Windows Vista and for Windows Server 2008

Back to the top

Supported languages
AD FS 2.0 is supported in the following languages:• Chinese (Simplified)
• Chinese (Traditional)
• Czech
• Dutch
• English
• French
• German
• Hungarian
• Italian
• Japanese
• Korean
• Polish
• Portuguese (Brazil)
• Portuguese (Iberian)
• Russian
• Spanish
• Swedish
• Turkish

Back to the top

Download information
The following files are available for download from the Microsoft Download Center:

Package name

Supported Windows operating system

Platform

Download file size

AdfsSetup.exe

Windows Server 2008 R2

x64

24.04 MB

AdfsSetup.exe

Windows Server 2008 SP2

x64

42.64 MB

AdfsSetup.exe

Windows Server 2008 SP2

x86

38.66 MB

Download the Active Directory Federation Service 2.0 package now.

Release Date: May 5, 2010

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.
Back to the top

More information about Active Directory Federation Services 2.0
For more information about technical details and white papers, see the following overview:
Active Directory Federation Services 2.0 Overview

Back to the top

Upgrade information for Windows operating systems
If you have AD FS 2.0 deployed on a computer that is running Windows Server 2008, AD FS 2.0 is automatically uninstalled when you upgrade your Windows operating system to Windows Server 2008 R2. You have to install the AD FS 2.0 installation package for Windows Server 2008 R2 after you upgrade the Windows operating system.

If you want to preserve the previous configuration data on the federation server and restore the data after you reinstall AD FS 2.0, follow the steps in the “Before you upgrade Windows” and “After you upgrade Windows” sections.
Before you upgrade Windows
Copy the AD FS service configuration file to a file server on the network before you upgrade the operating system. And, note the service account that the AD FS 2.0 Windows Service uses. To do this, follow these steps:1.Locate the following AD FS 2.0 installation folder:
%system drive%\Program Files\Active Directory Federation Service 2.0

2.Copy the following configuration file to a safe backup location:
Microsoft.IdentityServer.Servicehost.exe.config

3.Click Start, click Run, type services.msc, and then click OK.
4.Right-click AD FS 2.0 Windows Service, and then click Properties.
5.On the Log On tab, note the service account that is used for the AD FS 2.0 Windows Service.

After you upgrade Windows
Reinstall AD FS 2.0, set a registry setting to restore the previous configuration, restore the service account, and start the appropriate services. To do this, follow these steps.

Note After you finish these steps, the previous installation of AD FS 2.0 that was present on this federation server before the upgrade is restored. 1.Reinstall AD FS 2.0.
2.Copy the following configuration file that you saved in step 2 of the “Before you upgrade Windows” section:
Microsoft.IdentityServer.Servicehost.exe.config

3.Locate the following AD FS 2.0 installation folder, and then copy the file that is mentioned in step 2 to this location:
%system drive%\Program Files\Active Directory Federation Service 2.0

4.Click Start, click Run, type regedit, and then click OK.
5.Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\adfssrv

6.On the Edit menu, point to New, and then click String Value.
7.Type InitialConfigurationCompleted, and then press ENTER.
8.Right-click InitialConfigurationCompleted, and then click Modify.
9.In the Value data box, type TRUE, and then click OK.
10.On the File menu, click Exit to exit Registry Editor.
11.Click Start, click Run, type services.msc, and then click OK.
12. If you use Windows Internal Database as the AD FS 2.0 configuration database, follow these steps. Otherwise, bypass step 12, and go to step 13.•Right-click Windows Internal Database (MICROSOFT##SSEE), and then click Properties.
•On the General tab, if the Service status field does not display Started, click Start to start the Windows Internal Database service.
•Click OK.

13.Right-click AD FS 2.0 Windows Service, and then click Properties.
14.On the Log On tab, provide the original backed-up service account name and the password that is used for the AD FS 2.0 Windows Service.
15.On the General tab, select Automatic in the Startup type box.
16.If the Service status field does not display Started, click Start to start the AD FS 2.0 Windows Service.
17.Click OK.

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: