Courses and Conferences

DTI Main Reception

Do you need help?

  • Gregersensvej 8
  • 2630 Taastrup
Google MapsApple MapsRejseplanen
  • Forskerparken Fyn, Forskerparken 10F
  • 5230 Odense M
Google MapsApple MapsRejseplanen
  • Teknologiparken Kongsvang Allé 29
  • 8000 Aarhus C
Google MapsApple MapsRejseplanen
  • NordsøcentretPostboks 104
  • 9850Hirtshals
Google MapsApple MapsRejseplanen
  • Gammel Ålbovej 1
  • 6092Sønder Stenderup
Google MapsApple MapsRejseplanen
3 days virtual course

Masterclass: Administering and Configuring ADFS and Claims [ADF]

Active Directory Federation Services and Claims workshop are the best way to learn how to implement the most business-oriented server role. The course focuses on implementation scenarios, including practice in the latest technologies and solutions that come with Windows Server 2019. The training is in English.

ADF

Federated Identity and claims based applications are becoming more and more popular – they simplify the resource access both for your employees and business partners.

The course focuses on implementation scenarios, including practice in the newest technologies and solutions delivered with Windows Server 2019.

When the world becomes more focused on solving ‘Bring Your Own Device’ issues, it is time to become more up to date with the newest technology capabilities: Active Directory Federation Services and Active Directory Domain Services have been extended to comprehend the most popular mobile devices and provide conditional access and access policies. With these policies in place, you can control access based on users, devices, locations, and access times.

Come and learn how to establish partnerships with your business parties, how to implement Single Sign On to access corporate resources, how to manage access to devices and how to implement capabilities to work from anywhere in the world!

Target audience

Enterprise administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security.

Prerequisites

This course is intended for IT professionals who would like to implement and administer Active Directory Federation Services within the organization. Prerequisite for the course is to have a medium level knowledge about Active Directory Domain Services. To attend this training, you should have good hands-on experience in administering Windows infrastructure.

At the end of the course you will be able to:

  • Design AD Federation Services infrastructure and identify the implementation requirements
  • Deploy AD Federation Services to provide claims-aware authentication in a single organization
  • Implement AD Federation Services high availability
  • Deploy Web Application Proxy (previous: AD Federation server proxy) to securely publish web applications
  • Deploy Device Registration Service to enable control of user devices
  • Deploy Claims-enabled ACLs on File Servers

Content

Module 1
  • Introduction
  • Legacy and modern authentication protocols
  • What are Claims
  • Dynamic Access Control
  • Services Accounts threats, attack and working with GMSA
Module 2
  • PKI overview and ADFS certificate consideration
  • Working with certificates and ADFS
  • Designing Modern Authentication
Module 3
  • ADFS Overview
  • Installation, availability and security consideration
  • Working with ADFS Cluster
Module 4
  • Working with ADFS – claims aware applications
  • SAML passive client flow
  • ADFS Basics – Rules and Rule flow
  • Configuring Issuing rules
  • Claim rules language
Module 5
  • Thick applications, and working with multiple Relaying Parties
  • Troubleshooting thick applications
  • Additional attribute Stores
  • Using groups in authorization rules
Module 6
  • Web Application Proxy
  • Working with claims-aware application in WAP
  • Configure pass-through application in WAP
  • WAP advanced scenarios
Module 7
  • Modern ADFS customization
  • Advanced troubleshooting ADFS
  • Monitoring ADFS security and performance
Module 8
  • Working with MFA
  • Enabling Device Registration Service
  • Windows Hello for business
  • Integration with Azure cloud

Material

Exercises, presentation slides with notes. All exercises are based on newest Windows Server 2019 and Windows 10.

Form

Virtual delivery with live trainer

Before you participate on a virtual course, we always try to arrange a 15 - 20 minute test session with the participants a week before to make sure that everyone is capable to attend the Masterclass. Below you will find the technical requirements for connecting to the virtual training:

  • A computer with a stable internet connection (preferably Windows or Mac OS)
  • Permissions for outgoing RDP connections to external servers (to our lab environment) – port 3389
  • A headset (headphones + microphone)
  • Webcam (built-in or plug-in)
  • Additional monitor will be helpful but it’s not required

Next step

Masterclass: Managing Active Directory Federation Services for Multiple Organization

CPE Point (Continuing Professional Education)

It will be possible to earn CPE points after completing this course.

Instructor

Mike
Mike Jankowski-Lorek is a solution architect, developer, data scientist and security expert with more than 12-years’ experience in the field. He designs and implements solutions for Databases, Network & Management area, mainly for Microsoft platform for medium to enterprise level organizations. Mike holds multiple certifications, especially security, database and software development related. He is one of core Experts at CQURE and holds a PhD in Computer Science.

See all our Masterclass courses

Do you have any questions please contact