Courses and Conferences

DTI Main Reception

Do you need help?

  • Gregersensvej 8
  • 2630 Taastrup
Google MapsApple MapsRejseplanen
  • Forskerparken Fyn, Forskerparken 10F
  • 5230 Odense M
Google MapsApple MapsRejseplanen
  • Teknologiparken Kongsvang Allé 29
  • 8000 Aarhus C
Google MapsApple MapsRejseplanen
  • NordsøcentretPostboks 104
  • 9850Hirtshals
Google MapsApple MapsRejseplanen
  • Gammel Ålbovej 1
  • 6092Sønder Stenderup
Google MapsApple MapsRejseplanen
2 days virtual course

Virtual Masterclass: Managing Active Directory Federation Services for Multiple Organizations [ADS]

Are you about to implement Active Directory Federation Services and Claims? With this course you will learn how to implement the most business oriented server role. The course focuses on implementation scenarios, including practice in the newest technologies and solutions delivered with Windows Server 2019. You will get all the knowledge you will need when you are planning to host services that will connect users across different organizations.

Multi organization ADFS is a perfect course if you need to implement ADFS across different organizations!

Federated Identity is the most discussed topic in terms of organization cooperation right now, and with this course you will get all the knowledge you will need when you are planning to host services that will connect users across different organizations.

As an add-on course, we will extend previous labs with multi organizations trust, discover problems arising from connecting remote parties and find an automated way to make sure that everything is working smoothly. Using ADFS on Windows 2019, we will connect parties using various active directory topologies and versions, to simulate all the problems that you will be facing in real world deployment. As a CQURE course, we will focus on security of ADFS, and show a way to solve common access problems – from hacking the user identity, to solving permission problems.

A good enterprise implementation is not complete if we do not think about backup and scripting – so after implementing business partner connectivity, we will focus on scripting the implementation, which will not only allow us to quickly backup and restore our servers, but also allow us to prepare automatic configuration scripts for remote party.

The last part of this course is focused on large ADFS implementations, where load-balancing client traffic is a must. You will not only learn how to load balance ADFS farm, but also get to known Microsoft load balancer included in IIS.

Target audience

This course is intended for Enterprise administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security.

Prerequisites

This course is intended for IT professionals who would like to implement and administer Active Directory Federation Services across the organization. Prerequisite for the course is to have completed the course Virtual masterclass: Administering and configuring AD Federation Services and Claims ADF.

At the end of the course you will be able to:

  • Deploy AD Federation Services to provide claims-aware authentication for multiple organizations.
  • Implement AD Federation Services high availability and load balancing.
  • Implement Claims filtering and processing, to secure multi-organization enabled application.
  • Script and backup ADFS environment.
  • Automate business partner setup procedure for ADFS.
  • Configure Active Directory for ADFS.

Content

Module 1:
  • Working with external parties
  • ADFS in Forest/Domain trust environment
  • Federating with different ADFS versions
Module 2:
  • Home Realm Discovery
  • Hacking ADFS Claims
  • Additional user authorization
  • Claim pipeline for multiple IdP
  • MFA in multi IdP environment
Module 3:
  • PowerShell Scripting for ADFS
  • Backup and Restore ADFS Config
  • Exporting and Importing RP and IdP
Module 4:
  • Working with clients
  • Creating automated Claim Provided Trust configuration for clients
  • Working with third party IdP
Module 5:
  • Load Balancing ADFS
  • Using IIS ARR to load-balance ADFS
  • Advance Clustering and load balancing

Material

Exercises, presentation slides with notes. All exercises are based on newest Windows Server 2019 and Windows 10.

CPE Point (Continuing Professional Education)

It will be possible to earn CPE points after completion this course.

Form

Virtual delivery with live Trainer

Before you participate on a virtual course, we always try to arrange a 15-20 minute test session with the participants a week before to make sure that everyone is capable to attend the Masterclass. Below you will find the technical requirements for connecting to the virtual training:

  • A computer with a stable internet connection (preferably Windows or Mac OS)
  • Permissions for outgoing RDP connections to external servers (to our lab environment) – port 3389
  • A headset (headphones + microphone)
  • Webcam (built-in or plug-in)
  • Additional monitor will be helpful but it’s not required

Underviser

Michael Grafnetter til www
Michael er ekspert i Windows Security, Microsoft Azure og PowerShell, han har en kandidatgrad i softwareudvikling, og i begyndelsen af 2021 blev han tildelt Titlen Microsoft Azure Most Valuable Professional. Han er forfatter til open source Directory Services Internals (DSInternals) PowerShell-modulet og Thycotic Weak Password Finder, værktøjer, der bruges af sikkerhedsrevisorer og penetrationstestere over hele verden. Hans unikke DSInternals Framework afslører mange udokumenterede Active Directory-sikkerhedsfunktioner, og det er allerede blevet integreret i flere tredjepartsløsninger til identitetsstyring og Active Directory-genoprettelse efter nedbrud.

See all our Masterclass courses

Do you have any questions please contact