Checklist: Implementing a Federated Web SSO Design

This parent checklist includes cross-reference links to important concepts about the Federated Web Single-Sign-On (SSO) design for Active Directory Federation Services (AD FS). It also contains links to subordinate checklists that will help you complete the tasks that are required to implement this design.

Note

Complete the tasks in this checklist in order. When a reference link takes you to a conceptual topic or to a subordinate checklist, return to this topic after you review the conceptual topic or you complete the tasks in the subordinate checklist so that you can proceed with the remaining tasks in this checklist.

Icon for the Implementing a Federated Web SSO Design check list.Checklist: Implementing a Federated Web SSO Design

Task Reference
Review important concepts about the Federated Web SSO design and determine which AD FS deployment goals you can use to customize this design to meet the needs of your organization. Icon for the Federated Web SSO Design link you can use in reference to implementing a federated Web SSO design.Federated Web SSO Design

Icon for the Identifying Your AD FS Deployment Goals link you can use in reference to implementing a federated Web SSO design.Identifying Your AD FS Deployment Goals

Icon for the Planning Your Deployment link you can use in reference to implementing a federated Web SSO design.Planning Your Deployment

Review the hardware, software, certificate, Domain Name System (DNS), attribute store, and client requirements for deploying AD FS in your organization. Icon for the Appendix A: Reviewing AD FS Requirements link you can use in reference to implementing a federated Web SSO design.Appendix A: Reviewing AD FS Requirements
Review important concepts about claims, claim rules, attribute stores, and the AD FS configuration database before deploying AD FS in both partner organizations. Icon for the Understanding Key AD FS Concepts link you can use in reference to implementing a federated Web SSO design.Understanding Key AD FS Concepts
According to your design plan, install one or more federation servers in each partner organization. Note: For the Federated Web SSO design, you need at least one federation server in the account partner organization and at least one federation server in the resource partner organization. Icon for the Checklist: Setting Up a Federation Server link you can use in reference to implementing a federated Web SSO design.Checklist: Setting Up a Federation Server
(Optional) Determine whether or not your organization needs a federation server proxy. If your design plan calls for a proxy, you can install one or more federation server proxies in each partner organization. Icon for the Checklist: Setting Up a Federation Server Proxy link you can use in reference to implementing a federated Web SSO design.Checklist: Setting Up a Federation Server Proxy
According to your design plan, share certificates, configure clients, and configure the trust relationships in both partner organizations so that they can communicate over a federation trust. Icon for the Checklist: Configuring the Account Partner Organization link you can use in reference to implementing a federated Web SSO design.Checklist: Configuring the Account Partner Organization

Icon for the Checklist: Configuring the Resource Partner Organization link you can use in reference to implementing a federated Web SSO design.Checklist: Configuring the Resource Partner Organization

If you are an administrator in the resource partner organization, claims-enable your Web browser application, Web service application, or Microsoft® Office SharePoint® Server application using WIF and the WIF SDK. Icon for the Windows Identity Foundation link you can use in reference to implementing a federated Web SSO design.Windows Identity Foundation

federated web ssoWindows Identity Foundation SDK