AD FS deployment
In this section, we look at an AD FS deployment that uses a single federation server and a single Web Application Proxy server. Before we set it up, a few prerequisites must be in place.
DNS records
A few DNS records (internal and external) need to be set up before starting the deployment:
DNS Record | External | Internal |
Application URL | Yes | Yes |
WAP URL | Yes | N/A |
AD FS URL | N/A | Yes |
In the test environment, the following URLs will be used:
myapp.rebeladmin.com will be the application. It will have an external DNS record that maps to the external IP address, which the firewall will NAT to the application server's IP address. It will also have an internal DNS entry that points to the internal IP address of the application server.
secure.rebeladmin.com will be the WAP connection point for external access. WAP servers are in the perimeter network; an internal DNS record is not necessary unless there are multiple WAP servers.
adfs.rebeladmin.com will be the AD FS server DNS entry...
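One way to check these DNS prerequisites before deployment, as an added example that is not part of the original text: it resolves each hostname against an internal and an external resolver and compares the answers with the DNS record table. The two resolver addresses are placeholders, and the function names Get-ARecord and Get-Verdict are hypothetical.

```powershell
# Added example. Resolver addresses are placeholders (documentation ranges):
# replace them with your internal DNS server and a resolver outside the network.
$InternalResolver = '192.0.2.10'      # placeholder: internal DNS server
$ExternalResolver = '198.51.100.53'   # placeholder: resolver that sees only the public zone

# Expectation matrix copied from the DNS record table ($null = N/A).
$Expected = @(
    [pscustomobject]@{ Role = 'Application URL'; Name = 'myapp.rebeladmin.com';  External = $true; Internal = $true }
    [pscustomobject]@{ Role = 'WAP URL';         Name = 'secure.rebeladmin.com'; External = $true; Internal = $null }
    [pscustomobject]@{ Role = 'AD FS URL';       Name = 'adfs.rebeladmin.com';   External = $null; Internal = $true }
)

function Get-ARecord {
    param([string]$Name, [string]$Server)
    # -DnsOnly keeps LLMNR and NetBIOS out of the answer; only A records are returned.
    $answer = Resolve-DnsName -Name $Name -Server $Server -Type A -DnsOnly -ErrorAction SilentlyContinue
    @($answer | Where-Object { $_.QueryType -eq 'A' } | ForEach-Object { $_.IPAddress })
}

function Get-Verdict {
    param($Required, [string[]]$Addresses)
    $found = $Addresses.Count -gt 0
    if ($null -eq $Required) {
        # The table marks this side N/A; a record that exists anyway is reported, not failed.
        if ($found) { return 'N/A (record present)' } else { return 'N/A' }
    }
    if ($found) { 'OK' } else { 'MISSING' }
}

$report = foreach ($r in $Expected) {
    $ext = @(Get-ARecord -Name $r.Name -Server $ExternalResolver)
    $int = @(Get-ARecord -Name $r.Name -Server $InternalResolver)
    [pscustomobject]@{
        Role       = $r.Role
        Name       = $r.Name
        External   = (Get-Verdict -Required $r.External -Addresses $ext)
        Internal   = (Get-Verdict -Required $r.Internal -Addresses $int)
        ExternalIP = ($ext -join ',')
        InternalIP = ($int -join ',')
        # The application record is described as pointing to different addresses
        # outside and inside, so SameAnswer should be False for myapp.
        SameAnswer = ($ext.Count -gt 0) -and ((($ext | Sort-Object) -join ',') -eq (($int | Sort-Object) -join ','))
    }
}

$report | Format-Table -AutoSize
if ($report | Where-Object { $_.External -eq 'MISSING' -or $_.Internal -eq 'MISSING' }) {
    Write-Warning 'At least one required DNS record did not resolve.'
}
```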