ADFS Limitations – Security Boulevard


For nearly two decades, Microsoft has offered Active Directory Federation Services (ADFS) as a solution to extend corporate identities beyond corporate firewalls. When Microsoft launched Office 365 in 2011, one of the first requirements was to provide some form of single sign-on (SSO) corporate users who wanted to access the platform from an Active Directory (AD) domain.

This involved linking Azure AD to the federation services provided by ADFS and AD on-premises. Although ADFS was a popular SSO solution when Microsoft ruled the computing world, AD and Windows-only computing environments are not as common as they once were. This means that organizations are analyzing the limits of ADFS and ultimately looking for better Identity and Access Management (IAM) solutions.

This article discusses some of the major limitations of ADFS, including high maintenance costs, complexity, security, and support issues.

What are the limits of ADFS?

When Microsoft unveiled ADFS, he promised that the solution would become the cornerstone on which organizations could build federated identities in their environments. In some ways, ADFS solves federation identity issues because users in an organization can access partner organization applications through their organization’s standard AD credentials.

ADFS also allows users to access AD built-in resources while working remotely through their AD credentials on a web interface. However, despite these advantages, ADFS brings some limitations to the table, such as:

1. It is expensive to set up and maintain

ADFS is technically a free solution with no additional licensing fees if you are already paying for the Windows Server operating system (OS). As such, it makes financial sense, especially for organizations that use Windows Server and don’t want to purchase another federation solution. However, configuring on-premises SSO servers for high availability (HA) and use outside the corporate firewall involves other costs that are not always a priority, resulting in unforeseen expense and cost. global cost.

For example, in addition to the initial setup and installation costs, you need to factor in server costs. In addition, ADFS generates ongoing maintenance costs, including infrastructure maintenance, secure socket layer (Read more…)


Comments are closed.