...building hybrid clouds that can support any device from anywhere
In few of the previous posts, Anders Ravnholt discussed Installation & Configuration of WAP and Reconfiguration with FQDNs, ports and Trusted Certificates in detail. In this series, I will discuss how to configure AD FS and enable it to provide Identities to your WAP installation.
Contoso Inc. is a Service Provider that hosts a private cloud stack and offers Compute resources to their customers. Contoso wants to install a Windows Azure Pack stack and
We will run through this scenario in 3 parts:
In this first part of the blog series, we will discuss how Contoso can set up an AD FS instance in their Corp domain.
In the second part, we will discuss how Contoso can set up trust between the AD FS instance and the WAP Admin Portal and provides its users, access to the Management Portal.
In the third part, we will discuss how Contoso can enable Fabrikam's users to access the Tenant portal by establishing trust between Fabrikam's AD FS and Contoso's AD FS.
Rob is a Fabric Administrator who is responsible for maintaining the infrastructure. Rob was tasked with installing the Windows Azure Pack Stack for Contoso Inc.
Mary is the Domain administrator for pcloud.contoso.corp domain in Contoso's Active Directory. Mary has necessary permissions to configure the AD FS linked to the domain.
Alan is a Tenant Administrator who is responsible for Creating and Managing Plans and Subscriptions in Windows Azure Pack.
Mary is the Domain Administrator for the domain ‘pcloud’ which is a domain in the ‘Contoso.corp’ forest. She has the necessary permissions to add an AD FS instance to the pcloud domain.
You can find more information about AD FS at http://technet.microsoft.com/en-us/library/hh831502.aspx
Visit Part 2 of this blog series for a walkthrough on how Contoso uses this AD FS instance to provide Admin identities to WAP.
Visit Part 3 of this blog series for a walk through on how Contoso uses this AD FS instance to federate with Fabrikam’s AD through a Fabrikam AD FS to provide tenant Identities to WAP.
These Steps are just too complicated to follow, They need to be simplified to an installer or a Configuration Portal rather than a 3 Page blog where things can go wrong so easily. If this is a Customer scenario why is it hard to configure ?