This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi everybody,
yesterday i was asked whether it is possible to establish a cross domain authentication with ADFS.
Scenario:
Our partner doesn´t want to establish a domain trust due to security reasons and is therefore asking, if we could realize this athentication process through ADFS?
ADFS is quite new to me and i´m not sure if this scenario is even possible with ADFS?
Kind regards,
Björn
You could use ADFS yes, as long as the application can use a federation protocol for authnetication.
ADFS does not interact with IPSec though. It is network agnostic.
You would have two options:
Thanks for your feedback. I´m glad to hear that we will have a chance with ADFS.
Just one thing which might not be clear in my first post. We don´t have any application on top of the windows service. The authentication in Domain B is only required once we setup the windows service on a server in Domain A. During the service configuration we need to select the user account from Domain B. Attached you will find a screenshot to make it more visible...
Hum, ich sehe...
In this case the answer is leider no. ADFS requires the application to use federation. In your case if that's just a windows service with no application layer using federation, you'll need an account in the same forest to make use of it. That said, what is the application doing? Maybe there is a way to move to federation?