Share via


Checklist: Implementing a resource account mapping method

Applies To: Windows Server 2003 R2

This checklist includes the tasks for determining which resource account mapping method to implement. Complete the tasks in this checklist to successfully deploy a Windows NT token–based application. You do not have to complete this checklist if you are deploying a claims-aware application.

Note

Complete the tasks in this checklist in order. When a reference link takes you to a procedure, return to this topic after you complete the steps in that procedure so that you can proceed with the remaining tasks in this checklist.

ChecklistChecklist: Implementing a resource account mapping method

  Task Reference
Checkbox

Review information in the ADFS Design Guide to determine whether to use one or more of the resource account, resource group, or group-to-UPN (user principal name) mapping methods.

Conceptual topicDetermine your resource account mapping method

Checkbox

Review information in the ADFS Design Guide about when and how to use resource accounts in the resource forest.

Conceptual topicWhen to use resource accounts

Checkbox

Review information in the ADFS Design Guide regarding which setting in the resource Federation Service can best optimize resource account mapping methods.

Conceptual topicSelect the optimal resource account option

Checkbox

Review information in the ADFS Design Guide about when and how to use resource groups in the resource forest.

Conceptual topicWhen to use resource groups

Checkbox

Review information in the ADFS Design Guide about whether you should use the group-to-UPN mapping method in the resource forest instead of the resource group mapping method.

Conceptual topicWhen to use group-to-UPN mapping

Checkbox

If you will be using resource accounts for mapping, create and configure the accounts for use with Windows NT token–based applications.

noteNote
This procedure is necessary only when you use the resource account mapping method.

Procedure topicCreate a resource account in the resource partner forest

Checkbox

If you will be using resource groups for mapping, associate an existing security group in the resource forest with a specific organization claim in the resource Federation Service.

Note

This procedure is necessary only when you use the resource group mapping method.

Procedure topicMap an organization group claim to a resource group