How to setup Microsoft Active Directory Certificate Services [AD CS]

Microsoft Active Directory Certificate Services [AD CS] provides a platform for issuing and managing public key infrastructure [PKI] certificates. On top of securing application and HTTP traffic, the certificates that AD CS provides can be used to authenticate computer, user, or device accounts on a network.

In this post I will be setting up a single AD CS server on my domain and configuring Group Policy to auto-enroll my servers. For an enterprise environment you will deploy subordinate CAs and shut down your root CA for security. For more information about this setup, see: PKI Design Options

Installing the AD CS Server Role:

Open Server Manager and click Manage -> Add Roles and Features:

[Screenshot: PKI 1 - Add Roles and Features]

Click Next:

[Screenshot: PKI 2 - Before you Begin]


How to setup Microsoft Web Application Proxy

Microsoft Web Application Proxy [WAP] is a new service added in Windows Server 2012 R2 that allows you to access web applications from outside your network. WAP functions as a reverse proxy and an Active Directory Federation Services [AD FS] proxy to pre-authenticate user access.

[Diagram: Web Application Proxy Overview]

vBoring Blog Series:

  1. How to setup Microsoft Active Directory Certificate Services [AD CS]
  2. How to setup Microsoft Active Directory Federation Services [AD FS]
  3. How to setup Microsoft Web Application Proxy

Requirements:

  • The only hard requirement of WAP is having an AD FS server. Refer to step 1 for setting that up.
  • WAP cannot be installed on a server that AD FS is installed on. They must be separate servers.

Installing the Web Application Proxy Server Role:

Open Server Manager and click Manage -> Add Roles and Features:

[Screenshot: Microsoft Web Application Proxy 1 - Add Roles and Features]


How to setup Microsoft Active Directory Federation Services [AD FS]

In this post I will be installing and configuring the Active Directory Federation Services [AD FS] server role. AD FS is able to provide Single Sign-On [SSO] capabilities to multiple web applications using a single Active Directory account.

vBoring Blog Series:

  1. How to setup Microsoft Active Directory Certificate Services [AD CS]
  2. How to setup Microsoft Active Directory Federation Services [AD FS]
  3. How to setup Microsoft Web Application Proxy

Install the AD FS Server Role:

Open Server Manager and click Manage -> Add Roles and Features:

[Screenshot: AD FS 1 - Add Roles and Features]

Click Next:

[Screenshot: AD FS 2 - Before you Begin]
