Preparing the Network for AD FS
After the NLB cluster has been created, several DNS records need to be manually created, and several firewall ports might need to be opened, depending on whether AD FS will be available externally. For specifics on which DNS records and firewall port openings are required for a given scenario, see Chapter 28.
If a dedicated service account will be used for AD FS, as required for a multiple-server deployment, the account must be created before the initial configuration of AD FS. The service account does not require any particular rights to the AD domain; however, it must be a member of the local Administrators group on each federation server.
Get Microsoft® Lync® Server 2013 Unleashed Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
