Microsoft Active Directory Federated Services (AD/FS) is a standards-based service that allows the secure sharing of identity information
between trusted business partners (known as a federation) across an extranet. When a user needs to access a Web application from one of
its federation partners, the user's own organization is responsible for authenticating the user and providing identity information in the
form of "claims" to the partner that hosts the Web application. The hosting partner uses its trust policy to map the incoming claims to
claims that are understood by its Web application, which uses the claims to make authorization decisions.
AD/FS is Microsoft's implementation of the WS-Federation Passive Requestor Profile protocol (passive indicates that the client requirements
Markup Language (SAML).
TickStream.KeyID for AD/FS is a software package that allows you to provide second factor authentication for Microsoft Active Directory
Federated Services deployments. The package can be installed quickly and simply on the AD/FS server, and uses standard Forms Authentication to
capture typing efforts.
Installing TickStream AD/FS software requires at least one physical or virtual server running Microsoft Windows Server 2012 R2 or later, with
Active Directory and AD/FS configured.
The TickStream.KeyID analysis server components can be deployed on one or more existing servers using a standard Windows Installer
package, or can be delivered on a pre-configured virtual server image (in Hyper-V, VMWare, and Citrix formats).
Minimum requirements include:
- Microsoft Windows Server 2008 R2 or later
- Internet Information Services (IIS)
- Microsoft SQL Server 2008 R2 or later
It is recommended that you configure an SSL certificate for your TickStream.KeyID Server.
For detailed information and instructions on installing TickStream.KeyID for AD/FS, read the complete documentation at: