You work as the enterprise administrator at ABC.com. ABC.com has a domain named ABC.com. The ABC.com network servers run Microsoft Windows Server 2008 and the client computers run Microsoft Windows Vista. ABC.com has a member server named ABC-SR08 configured to host Active Directory Federation Services (AD FS).
ABC.com has a Marketing division which uses Active Directory Federation Services (ADFS).
How would you configure ABC-SR08 to pass Federation Services tokens with data from the domain?
A.
By creating and configuring a new account store.
B.
By opening a browser window to type the Federation Service URL for ABC-SR08.
C.
By checking Event Viewer applications and Event ID columns for the ID 674 event.
D.
By deploying and installing Active Directory Domain Services (AD DS) configured as a new resource partner.
Explanation:
In order to configure the AD FS trust policy to populate AD FS tokens with employee’s information from Active directory domain, you need to add and configure a new account store.AD FS allows the secure sharing of identity information between trusted business partners across an extranet. When a user needs to access a Web application from one of its federation partners, the user’s own organization is responsible for authenticating the user and providing identity information in the form of “claims” to the partner that hosts the Web application. The hosting partner uses its trust policy to map the incoming claims to claims that are understood by its Web application, which uses the claims to make authorization decisions. Because claims originate from an account store, you need to configure account store to configure the AD FS trust policy.
Reference: Active Directory Federation Services
http://msdn2.microsoft.com/en-us/library/bb897402.aspx