I'm creating a web application that will be used by users that are included in an Active Directory.
Before we were connecting our app directly to the ad using LDAPS. My Client is now using ADFS and want to close the LDAPS "gateway"
I'm kind of lost, but here is my comprehension :
The ADFS will be on the same domainController as the AD. Since my web app is on another server also on another domain, my client will have to specify that the claims made from my server are trusted.
So here is my question :
1 - What does my client have to do in adfs ?
- I saw the notion of relying party, but is this notion only used if I have also ADFS install on my server ? or am i in the right direction ?
2- Do I need to install anything on my server ?
- I think my client will need to give me a certificate so my call are trusted.
- Do I have to install ADFS to my server, the claims will be made between adfs(s) ?
- Do I need to install an ADFS proxy ?
Thanks in advance, im kind of more lost than before the beginning of my search.
P.S. I can't use the integrated visual studio tool to connect to ADFS because I have a mixed authentification (Database and ADFS)