
Directory Services


Active Directory Federation Services Overview
Published: February 24, 2012. Updated: November 1, 2013. Applies To: Windows Server 2012 R2.

This topic provides an overview of Active Directory Federation Services (AD FS) in Windows Server® 2012 and Windows Server® 2012 R2. AD FS provides simplified, secured identity federation and Web single sign-on (SSO) capabilities for end users who want to access applications within an AD FS-secured enterprise, in federation partner organizations, or in the cloud. In Windows Server® 2012 R2, AD FS includes a federation service role service that acts as an identity provider (authenticates users to provide security tokens to applications that trust AD FS) or as a federation provider (consumes tokens from other identity providers and then provides security tokens to applications that trust AD FS). The function of providing extranet access to applications and services that are secured by AD FS is now performed by a new Remote Access role service called Web Application Proxy.

Active Directory Certificate Services Overview
Published: February 8, 2012. Updated: June 24, 2013. Applies To: Windows Server 2012, Windows Server 2012 R2.

This document provides an overview of Active Directory Certificate Services (AD CS) in Windows Server® 2012. AD CS is the Server Role that allows you to build a public key infrastructure (PKI) and provide public key cryptography, digital certificates, and digital signature capabilities for your organization.

AD CS provides customizable services for issuing and managing digital certificates used in software security systems that employ public key technologies. The digital certificates that AD CS provides can be used to encrypt and digitally sign electronic documents and messages. They provide confidentiality through encryption, integrity through digital signatures, and authentication by associating certificate keys with computer, user, or device accounts on a computer network. The installation of AD CS role services can be performed through the Server Manager.

Active Directory and Active Directory Domain Services Port Requirements
Updated: March 28, 2014. Applies To: Windows Server 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2, Windows Server 2008, Windows Server 2008 Foundation, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Vista.

In a domain that consists of Windows Server® 2003–based domain controllers, the default dynamic port range is 1025 through 5000.

Windows Server 2008 R2 and Windows Server 2008, in compliance with Internet Assigned Numbers Authority (IANA) recommendations, increased the dynamic port range for connections. The new default start port is 49152, and the new default end port is 65535. Therefore, you must increase the remote procedure call (RPC) port range in your firewalls. If you have a mixed domain environment that includes a Windows Server 2008 R2 and Windows Server 2008 server and Windows Server 2003, allow traffic through ports 1025 through 5000 and 49152 through 65535.

Active Directory Collection: Active Directory.

Additional Resources for Troubleshooting Active Directory: Active Directory.