What should you identify?

Your network contains a perimeter network and an internal network. The internal network
contains an Active Directory Federation Services (AD FS) 2.1 infrastructure. The
infrastructure uses Active Directory as the attribute store.
You plan to deploy a federation server proxy to a server named Server2 in the perimeter
network.

You need to identify which value must be included in the certificate that is deployed to
Server2.
What should you identify?

Your network contains a perimeter network and an internal network. The internal network
contains an Active Directory Federation Services (AD FS) 2.1 infrastructure. The
infrastructure uses Active Directory as the attribute store.
You plan to deploy a federation server proxy to a server named Server2 in the perimeter
network.

You need to identify which value must be included in the certificate that is deployed to
Server2.
What should you identify?

A.
The FQDN of the AD FS server

B.
The name of the Federation Service

C.
The name of the Active Directory domain

D.
The public IP address of Server2

Explanation:
A)
It must contain the FQDN
http://technet.microsoft.com/en-us/library/cc776786(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/cc782620(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/cc759635(v=ws.10).aspx

Show Hint

Leave a Reply 6

Your email address will not be published. Required fields are marked *

The answers from V.2 without the arguments.

The answers from V.2 without the arguments.

A or B. Some say that you still can hear the arguments raging on a moonless night when the wind blows from the north.

Technets:
http://technet.microsoft.com/en-us/library/dd807054.aspx
http://technet.microsoft.com/en-us/library/dn528859.aspx
http://technet.microsoft.com/en-us/library/dn383662.aspx
https://technet.microsoft.com/en-us/library/dd807100.aspx
https://technet.microsoft.com/en-us/library/dn151311.aspx#BKMK_2
http://social.technet.microsoft.com/wiki/contents/articles/4177.ad-fs-2-0-guidance-for-selecting-and-utilizing-a-federation-service-name.aspx

Reply

Diego

Diego

B.
The name of the Federation Service

Reply

Manuel

Manuel

I go with B. The proposed solution talks about de DNS A record, not the certificate itself. Alex, your link points to B as the right answer XD

Reply

Aberdeen Angus

Aberdeen Angus

B, The name of the Federation Service

From https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/design/certificate-requirements-for-federation-server-proxies:

“It is important to verify that the subject name in the server authentication certificate matches the Federation Service name value that is specified in the AD FS Management snap-in. To locate this value, open the snap-in, right-click Service, click Edit Federation Service Properties, and then find the value in Federation Service name text box.”

Reply