In short, federation is when two companies trust each other; once federation is enabled between them, they can share their users’ presence, calendar and global address list.
Below is a short description of what needs to be done in order to enable federation between two organizations:
Set up two AD FS servers (for company A and company B)
Set up an AD FS federated trust between company A and company B
Choose a server for the authentication certificate for SSL encryption (only 1)
Configure the resource server (the web or application server whose resources clients access) for company A and company B
It’s always recommended that all Exchange organizations use the business instance of the Microsoft Federation Gateway for federation trusts. Before configuring federated delegation between the two organizations, you need to verify which Microsoft Federation Gateway instance each Exchange organization is using for any existing federation trusts.
In order to identify the instance, run the following command:
Get-FederationInformation -DomainName <the hosted Exchange domain namespace>
To “Configure Federated Delegation” for Exchange, you need to remember the following:
Domain Namespace Requirements:
Step 1: Create a federation trust with the Microsoft Federation Gateway.
https://technet.microsoft.com/en-us/library/dd335198(v=exchg.141).aspx#Shell
Step 2: Create TXT records for federated delegation
https://technet.microsoft.com/en-us/library/ee423548(v=exchg.141).aspx
Step 3: Configure the domains for federated delegation
Add-FederatedDomain -DomainName contoso.com
Step 4: Create an Autodiscover DNS record
https://technet.microsoft.com/en-us/library/cc772053(WS.11).aspx
Step 5: Create an organization relationship
New-OrganizationRelationship -Name "Contoso" -DomainNames "contoso.com","northamerica.contoso.com","europe.contoso.com" -FreeBusyAccessEnabled $true -FreeBusyAccessLevel LimitedDetails
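Once the relationship from Step 5 exists, it is worth reviewing what it actually exposes to the partner. The following is an added example, not part of the original post: Get-SharingExposure is a hypothetical helper name, and the sample objects are constructed stand-ins for Get-OrganizationRelationship output so the script also runs outside an Exchange shell.

```powershell
# Added example. Get-SharingExposure is a hypothetical helper, not an Exchange cmdlet.
function Get-SharingExposure {
    param(
        [Parameter(Mandatory=$true, ValueFromPipeline=$true)]
        [object]$Relationship
    )
    process {
        $findings = @()
        if (-not $Relationship.Enabled) {
            $findings += 'Relationship is disabled: nothing is shared'
        }
        elseif (-not $Relationship.FreeBusyAccessEnabled) {
            $findings += 'Free/busy sharing is off'
        }
        else {
            # LimitedDetails shares subject and location, not only busy time slots.
            if ("$($Relationship.FreeBusyAccessLevel)" -eq 'LimitedDetails') {
                $findings += 'Partner sees subject and location (LimitedDetails)'
            }
            # Without a scope group, every mailbox's calendar is in scope.
            if (-not $Relationship.FreeBusyAccessScope) {
                $findings += 'No FreeBusyAccessScope: applies to all mailboxes'
            }
        }
        New-Object PSObject -Property @{
            Name     = $Relationship.Name
            Domains  = @($Relationship.DomainNames) -join ', '
            Findings = $findings
        }
    }
}

# Constructed sample objects standing in for Get-OrganizationRelationship output.
$sample = @(
    (New-Object PSObject -Property @{
        Name = 'Contoso'; Enabled = $true
        DomainNames = 'contoso.com','northamerica.contoso.com','europe.contoso.com'
        FreeBusyAccessEnabled = $true; FreeBusyAccessLevel = 'LimitedDetails'
        FreeBusyAccessScope = $null }),
    (New-Object PSObject -Property @{
        Name = 'Fabrikam'; Enabled = $true; DomainNames = 'fabrikam.example'
        FreeBusyAccessEnabled = $true; FreeBusyAccessLevel = 'AvailabilityOnly'
        FreeBusyAccessScope = 'FederatedSharingUsers' })
)
$sample | Get-SharingExposure | Format-List Name, Domains, Findings

# Against a live organization, from the Exchange Management Shell:
# Get-OrganizationRelationship | Get-SharingExposure
```

The constructed Contoso entry mirrors the Step 5 command and is reported with two findings; the constructed Fabrikam entry, limited to AvailabilityOnly and a scope group, is reported with none.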
Thanks & Regards
Sathish Veerapandian
MVP- Exchange Server