Forum Discussion
ADFS and SharePoint on premises - Really the right way ?
All of our SharePoint 2013/2016 installations use ADFS as STS together with HNSC. From what I read this is supposed to be best practice and while I don't mind (actually like) the HNSC part, using any...
You can still use ADFS, just use a non-claims aware relying party instead. This way you change nothing on SharePoint (except enable Kerberos) and the behavior is as your users previously experienced it.
Hi Trevor,
I was about to use ADFS with SharePoint 2013 to enable SSO with another third party application hosted on ColdFusion and using a custom database, by creating trust between ADFS and STS of that application, let me know if that is the right way to go?
Thanks
Paramdeep Singh
- As long as your CF app supports SAML or Windows Kerberos auth, sure. That's less of a technical question and more of a business decision.
HI Trevor,
I have similar situation with one external face hub site using ADFS/SAML. I need to publish an SharePoint 2016 site for external access, and hub site can have single sign-on to SP2016 site. As current SP2016 site is using Kerberos and has lot of SSRS reports, BI an data warehousing connections, it is might not be suitable to use ADFS/SAML as ideneity provider.
Could you please kindly advise whether by using ADFS 3.0 non-claim aware to publish SP2016 site will give me SSO from hub site (SMAL) to SP2016 site (Kerberos)? Thanks.
So you say: Use Windows Claims inside of SharePoint and no ADFS Services as IDP. But use Web Application Proxy for publishing SharePoint as an non-claims aware application ?
- That's correct. Or use another RP appliance.
