Checklist: Implementing a resource account mapping method
Applies To: Windows Server 2003 R2
This checklist includes the tasks for determining which resource account mapping method to implement. Complete the tasks in this checklist to successfully deploy a Windows NT token–based application. You do not have to complete this checklist if you are deploying a claims-aware application.
Note
Complete the tasks in this checklist in order. When a reference link takes you to a procedure, return to this topic after you complete the steps in that procedure so that you can proceed with the remaining tasks in this checklist.
Checklist: Implementing a resource account mapping method
Task | Reference | |||
---|---|---|---|---|
Review information in the ADFS Design Guide to determine whether to use one or more of the resource account, resource group, or group-to-UPN (user principal name) mapping methods. |
||||
Review information in the ADFS Design Guide about when and how to use resource accounts in the resource forest. |
||||
Review information in the ADFS Design Guide regarding which setting in the resource Federation Service can best optimize resource account mapping methods. |
||||
Review information in the ADFS Design Guide about when and how to use resource groups in the resource forest. |
||||
Review information in the ADFS Design Guide about whether you should use the group-to-UPN mapping method in the resource forest instead of the resource group mapping method. |
||||
If you will be using resource accounts for mapping, create and configure the accounts for use with Windows NT token–based applications.
|
||||
If you will be using resource groups for mapping, associate an existing security group in the resource forest with a specific organization claim in the resource Federation Service. Note This procedure is necessary only when you use the resource group mapping method. |