Each artifact record has a size of approximately 30 kilobytes (KB). The growth of the SQL Server database as a result of this activity is not considered to be significant, and it depends on the configured token replay retention period. When either the SAML artifact resolution or SAML token replay detection features are enabled, AD FS stores information in the SQL Server configuration database for each AD FS token that is issued.

SAML features and their effect on database size and growth.

You should consider the following deployment facts if you select SQL Server as the configuration database for your AD FS deployment.

SAML/WS-Federation token replay detection

Basic database redundancy using pull replication, where one or more servers hosting a read-only copy of the database request changes that are made on a source server that hosts a read/write copy of the database

Database redundancy using high-availability solutions, such as failover clustering or mirroring (at the database layer only). Note: All AD FS deployment topologies support clustering at the AD FS service layer.

SAML artifact resolution. Note: This feature is not required for Microsoft Online Services, Microsoft Office 365, Microsoft Exchange, or Microsoft Office SharePoint scenarios.

There is no enforced limit for the number of federation servers that you can deploy in a single farm.

A WID farm has a limit of 30 federation servers if you have 100 or fewer relying party trusts. A WID farm does not support token replay detection or artifact resolution (part of the Security Assertion Markup Language (SAML) protocol).

The following table describes the differences in supported features between a WID database and a SQL Server database. However, there are some differences to be aware of before you begin reading more about the various deployment topologies that you can use with AD FS.
You can use the AD FS software to select either the built-in Windows Internal Database (WID) or Microsoft SQL Server 2008 or newer to store the data in the Federation Service.

For most purposes, the two database types are relatively equivalent.

Determining which type of AD FS configuration database to use

AD FS uses a database to store configuration and, in some cases, transactional data related to the Federation Service.

To implement basic redundancy, load balancing, and the option to scale the Federation Service (if required), we recommend that you deploy at least two federation servers per federation server farm for all production environments, regardless of the type of database that you will use.