Checklist: Implementing a Web SSO Design

This parent checklist includes cross-reference links to important concepts about the Web Single-Sign-On (SSO) design for Active Directory Federation Services (AD FS). It also contains links to subordinate checklists that will help you complete the tasks that are required to implement this design.

Note

Complete the tasks in this checklist in order. When a reference link takes you to a conceptual topic or to a subordinate checklist, return to this topic after you review the conceptual topic or complete the tasks in the subordinate checklist so that you can proceed with the remaining tasks in this checklist.

Icon for the Implementing a Web SSO Design check list.Checklist: Implementing a Web SSO Design

Task Reference
Review important concepts about the Web SSO design and determine which AD FS deployment goals you can use to customize this design to meet the needs of your organization. Note: Icon for the Identifying Your AD FS Deployment Goals link you can use in reference to implementing a Web SSO design.Web SSO Design

Icon for the Web SSO Design link you can use in reference to implementing a Web SSO design.Identifying Your AD FS Deployment Goals

Review the hardware, software, certificate, Domain Name System (DNS), attribute store, and client requirements for deploying AD FS in your organization. Icon for the Appendix A: Reviewing AD FS Requirements link you can use in reference to implementing a Web SSO design.Appendix A: Reviewing AD FS Requirements
According to your design plan, install one or more federation servers in the corporate network or in the perimeter network. Note: The Web SSO design requires only one federation server to function successfully. A single federation server acts in both the claims provider role and the relying party role. Icon for the Checklist: Setting Up a Federation Server link you can use in reference to implementing a Web SSO design.Checklist: Setting Up a Federation Server
(Optional) Determine whether or not your organization needs a federation server proxy in the perimeter network. Icon for the Checklist: Setting Up a Federation Server Proxy link you can use in reference to implementing a Web SSO design.Checklist: Setting Up a Federation Server Proxy
Depending on your Web SSO design plan and how you intend to use it, add the appropriate attribute store, relying party trusts, claims, and claim rules to the Federation Service. Icon for the Checklist: Configuring the Account Partner Organization link you can use in reference to implementing a Web SSO design.Checklist: Configuring the Account Partner Organization
If you are an administrator in the resource partner organization, claims-enable your Web browser application, Web service application, or Microsoft® Office SharePoint® Server application using WIF and the WIF SDK. Note: Icon for the Windows Identity Foundation link you can use in reference to implementing a Web SSO design.Windows Identity Foundation

web ssoWindows Identity Foundation SDK