Learn how to set up workplace join in AD FS to allow iOS devices to be registered in Active Directory. This allows iPads and iPhones to access secured web-based resources.
- [Narrator] In the last segment, we took a look…at global authentication policy settings…for relying parties and for any claims based authentication…using active directory federation services.…And we saw that there is the ability to change…how a user has to authenticate based on the device…that they're using.…Is the device registered or is it not?…And I mentioned that there are some devices…that can't be joined to an active directory domain,…such as an iOS device, an iPhone or an iPad.…
There are also some devices that we wouldn't want to have…joined to our domain, such as an employee's personal laptop…in a bring your own device environment.…So we have these devices that can't be joined to the domain,…but we might want to have them registered in a way…that they can still be recognized.…And this is a pretty big deal.…For several years, IT professionals have resisted this move…claiming that if a device was not a Windows workstation…joined to the domain, then it had no place…in the corporate network.…
That approach only holds up until the day…
Note: The topics covered here map to the Configure Identity and Access Solutions domain for Microsoft Certified Solutions Associate (MCSA) Exam 70-412, Configuring Advanced Windows Server 2012 Services. Use these tutorials to study for the exam.
- Implementing Active Directory Federation Services (AD FS)
- Configuring AD FS authentication policies
- Configuring multifactor authentication
- Installing and configuring Active Directory Certificate Services (AD CS)
- Creating certificate templates
- Configuring certificate authority backup and recovery
- Managing certificates, including templates and renewal
- Installing and configuring Active Directory Rights Management Services (AD RMS)