why did industry required ADFS when AD was already there? Why did Microsoft did not update/improve the "AD Kerberos ticket authentication model" and instead introduced a complete new paradigm of "claim based identity model"
Claim based Identity was not introduced by Microsoft, ADFS was the product launched to support adoption of claim based Identity model. Now, claim based Identity was defined as a standard, where in there were multiple products from different vendors. Why Active directory was not matured? - I don't have an exact answer for this, but if we look at this from product capability prospective, AD was not just about authentication, where ADFS is just about authentication and authorization of users and devices(ADFS DRS). With new requirements comes new challenges and the initial product design may not be capable of even handling the maturing required for current implementations. You can also ask one more question why Azure AD when ADFS was there? - Think about it, ADFS was an on prem solution serving authentication for multiple applications right? but then cloud adoption triggered, there was a requirement of solution which can handle authentications in number like trillions. With new requirements, if the maturity model can't be handled by a product every vendors does create a new product all together. Oracle also had on-prem solution but then they also have re-written all the code to give more mature capabilities at cloud scale. I hope I was able to set the context.
Can ADFS be installed on the domain controller itself where Active Directory is also installed. Can't we just add a role on the same controller and the same server be used as a ADFS as well. Secondly the server which you mentioned which needs to be joined to the windows domain, can it be a windows 2022 Standard edition as the table in your video shows versions till 2019 only.
Hi , I have been studying ADFS I have seen lot of video in TH-cam but I have not understand, you have explained very clearly I have learnt whatever you have explained thank you so much keep it up..Nice job.:) expecting more video from ADFS.
Thank you concept works, I have a strong feeling that you would be the reason for my promotion at the office :) Keep up the good work & post something which explains stuff in detail about things like, Kerb tokens, SMAL tokens, WS fed etc
Hello Sir, Hope this message finds you well. Thank you for your kind help and support. All the training videos are too good for us and help us in work.
We would request you to please provide us with "Active Directory Certificate Services" playlist as it was promised by you on your one of the training videos. If possible, please provide us with that playlist. Thank you. May God Always Bless you.
Thank you !! your video is very informative and visualization is nice and easy to understand the concept of ADFS you are working very hard to share us quality content. Could you please also make a series on ADCS (PKI)
PKI to be very specific might not be covered, as we are completing all security products for now. But we are sure, all the new content will help you in some or the other. happy learning.
@ConceptsWork Can ADFS be installed on the domain controller itself where Active Directory is also installed. Can't we just add a role on the same controller and the same server be used as a ADFS as well. Secondly the server which you mentioned which needs to be joined to the windows domain, can it be a windows 2022 Standard edition as the table in your video shows versions till 2019 only.
Thanks for your kind explanation!!. Please help me to understand some query. 1. What is the default location of adfs database 2. In WID configuration, if primary goes down then how we can recover or how we cN make secondary as primary server. 3. How we can have public certificate. What is the process.?
The default location of ADFS database is "C:\Windows\WID\Data", if you are using WID. You can use the command mentioned in this article to make a server Primary ADFS server - docs.microsoft.com/en-us/powershell/module/adfs/set-adfssyncproperties?view=win10-ps For public cert you have to contact any cert provider.
Get-AdfsProperties only work on Primary server, if the installation is done with WID. Instead, Get-Properties shows output on all the servers. As well as Get-AdfsProperties shows the SQL instance name as well.
The process is same, please review this article - docs.microsoft.com/en-us/windows-server/identity/ad-fs/design/federation-server-farm-using-sql-server and feel free to reach me for any question.
I had a LAB setup with ADFS primary only on Oracle VM, I accidentally deleted the VM without removing ADFS server roles, now I want to install the ADFS again in the same LAB setup before I do so do I need to delete any remaining from the domain controllers
I am in the process of setting up new ADFS server for my company, I have a wildcard certificate *.abcd.com which is we are using for our company websites. Our domain controller is child.abcd.com and my adfs server name is adfs.child.abcd.com. When I am using my existing wildcard certificate which is *.abcd.com, it does not work with adfs server adfs.child.abcd.com, it gives me error. Please help me how to setup public ssl certificate *.abcd.com for my adfs server. Some of the department users are using UPNs. e.g. instead of user@abcd.com we are also using UPN user@depart1.com and user@depart2.com. I will really appreciate your help and assistant.
![เป็นไปได้ไหม - WanMai [Official MV]](http://i.ytimg.com/vi/_6lZ6b3_7Vo/mqdefault.jpg)
why did industry required ADFS when AD was already there? Why did Microsoft did not update/improve the "AD Kerberos ticket authentication model" and instead introduced a complete new paradigm of "claim based identity model"
Claim based Identity was not introduced by Microsoft, ADFS was the product launched to support adoption of claim based Identity model.
Now, claim based Identity was defined as a standard, where in there were multiple products from different vendors.
Why Active directory was not matured? - I don't have an exact answer for this, but if we look at this from product capability prospective, AD was not just about authentication, where ADFS is just about authentication and authorization of users and devices(ADFS DRS). With new requirements comes new challenges and the initial product design may not be capable of even handling the maturing required for current implementations. You can also ask one more question why Azure AD when ADFS was there? - Think about it, ADFS was an on prem solution serving authentication for multiple applications right? but then cloud adoption triggered, there was a requirement of solution which can handle authentications in number like trillions. With new requirements, if the maturity model can't be handled by a product every vendors does create a new product all together. Oracle also had on-prem solution but then they also have re-written all the code to give more mature capabilities at cloud scale. I hope I was able to set the context.
Can ADFS be installed on the domain controller itself where Active Directory is also installed. Can't we just add a role on the same controller and the same server be used as a ADFS as well.
Secondly the server which you mentioned which needs to be joined to the windows domain, can it be a windows 2022 Standard edition as the table in your video shows versions till 2019 only.
One of the BEST content on ADFS available on the internet. GREAT WORK.
Hi , I have been studying ADFS I have seen lot of video in TH-cam but I have not understand, you have explained very clearly I have learnt whatever you have explained thank you so much keep it up..Nice job.:) expecting more video from ADFS.
Thanks for the kind words, we will complete this ADFS series in next upcoming 2 weeks.
@@ConceptsWork and also I referred to my friends to watch your channel who's want to learn the ADFS.. Now we are fan of you ☺️ keep rocking..
Excellent work you r doing.. Why am I saying this, you know who is r target audience and answer everything.. Need more such videos.
Thanks for your kind acknowledgements.
very professionally done. I don't understand what those two didn't find interesting enough to dislike it. yes and want to know more about PKI
Thank you concept works, I have a strong feeling that you would be the reason for my promotion at the office :)
Keep up the good work & post something which explains stuff in detail about things like, Kerb tokens, SMAL tokens, WS fed etc
Thank you so much for your kind words.
Really great work done by consept work. Could please make a series for ADCS PKI
Thank you!
That would really be appreciative.Please make a series on ADCS PKI CRL
Hello Sir,
Hope this message finds you well.
Thank you for your kind help and support. All the training videos are too good for us and help us in work.
We would request you to please provide us with "Active Directory Certificate Services" playlist as it was promised by you on your one of the training videos.
If possible, please provide us with that playlist.
Thank you.
May God Always Bless you.
Thank you for your hard work and quality content.
Thank you !! your video is very informative and visualization is nice and easy to understand the concept of ADFS you are working very hard to share us quality content. Could you please also make a series on ADCS (PKI)
We have this in pipeline, but as of we are focused on creating content for complete EMS suite.
This is a gem of work!!! You made it very simple !!!
very valuable info bro, really much appreciated your efforts, please keep it up and move on
Thank you for making learning so simple.
Awesome video!!!!!!Thank you very much boss!!!
Glad you liked it!
Excellent explanation!
Glad it was helpful!
Great , please make such more videos
Thank you very much for your hard work and for clarifying the concepts so well. Appreciated!!!!!
Glad it was helpful!
Thanks a lot for your hard work.
It's my pleasure
Thank you for such videos really appreciate your effort
Thank you Ehbab
thank you
Well explained...thanks for detailed explanation, when can we expect Certificate Authority video (PKI)
PKI to be very specific might not be covered, as we are completing all security products for now. But we are sure, all the new content will help you in some or the other.
happy learning.
@ConceptsWork Can ADFS be installed on the domain controller itself where Active Directory is also installed. Can't we just add a role on the same controller and the same server be used as a ADFS as well.
Secondly the server which you mentioned which needs to be joined to the windows domain, can it be a windows 2022 Standard edition as the table in your video shows versions till 2019 only.
Please make a course on SC300 exam certification
Beautiful contents.
thanks for your nice arrangement video
Nice video... Good explanation... Thank you ☺️
Your welcome :-)
Excellent video, explained very clearly. Thanks!!
Glad it was helpful!
thanks for info
Do you have and video that explain what are the difference between ADFS and Azure AD Connect ?
Awesome work !!
How to plan HA in case of upgrade or parching?
awsome...
Thanks for your kind explanation!!.
Please help me to understand some query.
1. What is the default location of adfs database
2. In WID configuration, if primary goes down then how we can recover or how we cN make secondary as primary server.
3. How we can have public certificate. What is the process.?
The default location of ADFS database is "C:\Windows\WID\Data", if you are using WID.
You can use the command mentioned in this article to make a server Primary ADFS server - docs.microsoft.com/en-us/powershell/module/adfs/set-adfssyncproperties?view=win10-ps
For public cert you have to contact any cert provider.
Well done !!
Can you please make a certificate authority series
Thank you for your hard work and quality content¨ :-))) thx
Very nice👍
Thanks a lot
awesome. but please keep mic bit louder
Subscribed
how to know which mode installation done ...on exiting setup...
Get-AdfsProperties only work on Primary server, if the installation is done with WID.
Instead, Get-Properties shows output on all the servers.
As well as Get-AdfsProperties shows the SQL instance name as well.
Have you made any video on ADCS?
Not yet.
@@ConceptsWork okay..
is it pre-prequisite to fedarate a onprem domain to O365, AC Connect to be installed in on-prem domain?
No federated domain is one of authentication type.
Thanks for the content bro. can u make another video on ADFS with sql instance?
The process is same, please review this article - docs.microsoft.com/en-us/windows-server/identity/ad-fs/design/federation-server-farm-using-sql-server and feel free to reach me for any question.
I had a LAB setup with ADFS primary only on Oracle VM, I accidentally deleted the VM without removing ADFS server roles, now I want to install the ADFS again in the same LAB setup before I do so do I need to delete any remaining from the domain controllers
The server on which you installed ADFS, was also a DC?
I wish to create lab on my laptop windows 7 it is. Can you guide me how can I do it?
Send us an email at learnconceptswork@gmail.com
@@ConceptsWork sent
Do we really require wildcard SSL or it will work normal SSL cert ?
SSL should have SAN name entry for federation service name, that's all required.
Please upload with 1080p
you should be teaching on udemy.
I am in the process of setting up new ADFS server for my company, I have a wildcard certificate *.abcd.com which is we are using for our company websites. Our domain controller is child.abcd.com and my adfs server name is adfs.child.abcd.com. When I am using my existing wildcard certificate which is *.abcd.com, it does not work with adfs server adfs.child.abcd.com, it gives me error. Please help me how to setup public ssl certificate *.abcd.com for my adfs server. Some of the department users are using UPNs. e.g. instead of user@abcd.com we are also using UPN user@depart1.com and user@depart2.com.
I will really appreciate your help and assistant.
Can you please mail the error at learnconceptswork@gmail.com
Can I have your contact ?
Thank you for your hard work and quality content¨ :-))) thx