Organizations today are taking advantage of Web services to integrate their disparate internal applications. Furthermore, they are moving towards providing external users access to these internal applications. This allows organizations to better connect and collaborate with their customers, partners, and suppliers, helping to increase revenue growth, improve end-user satisfaction, and reduce operational costs.
Extending internal applications to external users presents IT with security and administration challenges. Organizations must be confident that only appropriate external users are provided access to company data, and that the access granted is consistent with the user’s role. . In addition, they must manage the increased administrative workload that commonly results from dramatically expanding the infrastructure user base.
Active Directory® Federation Services (ADFS) is a new feature in Windows Server 2003 R2 designed to help administrators address identity management challenges by making it possible for organizations to share a user's identity information securely across enterprise or organizational security boundaries. ADFS extends the value of Active Directory deployments to facilitate collaboration with partners, resulting in increased user productivity, greater IT efficiency, and better security. It also extends the value of Windows Server identity services in internet-facing Web environments, enabling stronger authentication for extranet deployments, native delegated administration, and close integration with Microsoft technologies.
In addition to ADFS, Windows Server 2003 introduces enhancements to Active Directory Application Mode (ADAM), as well as UNIX identity management features such as Server for Network Information Services, which helps integrate Windows® and UNIX-based Network Information Service (NIS); and Password Synchronization, which helps integrate servers running Windows and UNIX by simplifying the process of maintaining secure passwords.