Bob's Identity Management Blog

"Anyone can hold the helm when the sea is calm." – Syrus Publilius

ADFS 2.0 (Active Directory Federation Services) was released to the public May 5th, 2010 and announced on the “Geneva team blog.”  You can download the package from the Microsoft download site and install for free on Windows Server.  Stuart Kwan gives a brief overview of ADFS 2.0 capabilities in a new channel 9 video produced by Microsoft. Why is this important? ADFS 2.0 is a big step forward for Microsoft in their delivery of a new paradigm Identity and Access capabilities within software products based on “claims” rather than traditional Kerberos authentication.

Lacking in the previous version, SAML 2.0 is now officially supported by ADFS 2.0. SAML is the authentication protocol we used to create our Just-in-Time provisioning example I blogged about earlier this week (see JIT Provisioning). With ADFS 2.0 providers can be built for any application that uses either SAML or Claims. SAML is used by Salesforce.com, Google Apps, Service Now, Postini and many other SaaS/cloud services while Claims are now supported in SharePoint 2010 and will be introduced into many additional Microsoft applications.