Best Practices

The following are best practices from this chapter:

• Use FIM or another metadirectory management tool to keep disparate directories synchronized.

• Use AD LDS for applications that require custom schema changes, and keep the information in those AD LDS instances synchronized to a central AD DS farm with the use of FIM.

• Use AD FS 2.0 to provide for Single Sign-On to claims-aware applications on the Internet, such as those that use SAML 2.0 tokens.

• Use AD FS for Single Sign-On support across multiple platforms.

• Consider using FIM for automatic provisioning/deprovisioning of user accounts across multiple directories. By establishing a firm policy on deprovisioning accounts that are no longer active, greater overall security ...
