Steve on Security

During the Toronto stop of the TechDays tour in Canada Richard Campbell was in town talking to a bunch of really smart people about the latest and greatest technologies they've been working on.

And then me for some reason.

We got to talk about ADFS and associates:

Richard talks to Steve Syfuhs at TechDays Toronto about IT Pros providing security services for developers using Active Directory Federated Services. IT and development talking to each other willingly? Perish the thought! But in truth, Steve makes it clear that ADFS provides a great wrapper for developers to access active directory or any other service that has security claims that an application might require. Azure depends on it, even Office 365 can take advantage of ADFS. Steve discusses how IT can work with developers to make the jobs of both groups easier.

You can listen to it here: http://www.runasradio.com/default.aspx?showNum=240

I need to work on using fewer vague analogies.

Need to do a basic install from the command line?  Here’s how:

cd “C:\Program Files\Active Directory Federation Services 2.0”

FSConfig.exe CreateSQLFarm /ServiceAccount "domain\adfssvc" /ServiceAccountPassword "SecretPassword" /SQLConnectionString "database=AdfsSvcConfig;server=sqlserver;integrated security=SSPI" /AutoCertRolloverEnabled /CleanConfig /FederationServiceName "login.mydomain.com"

There are a couple flags that might look a little odd:

• AutoCertRolloverEnabled – This means ADFS will manage the certificates it uses.  Your other option is to specify which certificates it will use.
• CleanConfig – In case there is already an old configuration database.  This will delete it.
• FederationServiceName “login.mydomain.com” – The URI of your ADFS farm.