What should you do?

You are a newly appointed enterprise administrator at Domain.com. The Domain.com network consists of an Active Directory forest with a single domain. Domain.com hosts their applications on the perimeter network of Domain.com.
Domain.com contains a domain member server that has the Active Directory Federation Services (AD FS) role installed. The Domain.com management wants single sign-on to all applications hosted on the perimeter network. You receive an instruction from management to configure the AD FS trust policy in order to populate AD FS tokens with the user data from the Active directory domain.
What should you do?

You are a newly appointed enterprise administrator at Domain.com. The Domain.com network consists of an Active Directory forest with a single domain. Domain.com hosts their applications on the perimeter network of Domain.com.
Domain.com contains a domain member server that has the Active Directory Federation Services (AD FS) role installed. The Domain.com management wants single sign-on to all applications hosted on the perimeter network. You receive an instruction from management to configure the AD FS trust policy in order to populate AD FS tokens with the user data from the Active directory domain.
What should you do?

A.
The best option is to add and configure a new organization claim.

B.
The best option is to add and configure a new account store.

C.
The best option is to add and configure a new account partner.

D.
The best option is to add and configure a new application.

Explanation:
You need to add and configure a new account store. With this you can configure the AD FS trust policy to populate AD FS tokens with employee’s information from Active directory domain. AD FS allows the secure sharing of identity information between trusted business partners across an extranet. When a user needs to access a Web application from one of its federation partners, the user’s own organization is responsible for authenticating the user and providing identity information in the form of “claims” to the partner that hosts the Web application. The hosting partner uses its trust policy to map the incoming claims to claims that are understood by its Web application, which uses the claims to make authorization decisions. Because claims originate from an account store, you need to configure account store to configure the AD FS trust policy.
Reference : Active Directory Federation Services
http://msdn2.microsoft.com/en-us/library/bb897402.aspx



Leave a Reply 1

Your email address will not be published. Required fields are marked *


networkmanagers

networkmanagers

I agree with the answer. B