Microsoft.com and its ADFS Implementation

Active Directory Federation Services (ADFS) is a Windows Server 2003 R2 component that establishes a trust between two or more organizations so that they can share resources while each organization continues to manage its own set of users. One of the significant challenges in implementing any new solution is simply keeping the system available. In our implementation of ADFS this was one of our key focuses in moving forward with the project. The ability to use single sign-on for ADFS-aware applications is a huge benefit; however, it can become a painful burden if the service is unreliable.


Two main areas of concern that we focused on were load balancing and policy file changes. For load balancing we looked at the challenge at both a regional and a local level. Initially in production we will use global load balancing from Akamai or Savvis for the front-end web server clusters in two regions. This will ensure availability through regional issues, and fail-over is automated based on the health-checking services provided by Akamai and Savvis. Additionally, by going this route we have the capability of adding more clusters in the future without much difficulty.

At the regional level we have paired up the servers for local failover through NLB clustering. We are not using any special load-balancing features, so in reality this could be accomplished with hardware as well. However, as with a number of scenarios here at Microsoft, we are simply using NLB for the cost savings. Overall this configuration will give us the necessary stability to ensure that the system remains available with greater than 99.9% uptime.

Another challenge that we face is ensuring that the policy file, which is really the backbone of ADFS, is correctly distributed throughout our environment. To solve this we are leveraging another built-in feature of Windows Server 2003 R2: Distributed File System Replication (DFS-R). On each of the backend servers we have enabled a DFS-R group membership with 24-hour, full-mesh replication. Simply put, no matter where the change to the policy file happens, it will be distributed to all servers. As long as we control who can change the file, we have a stable and highly available service.
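Because full-mesh replication propagates any change, the two things worth checking routinely are that every replica holds the same policy file and that only the intended identities can write it. The script below is an added example, not code from the original post or from Microsoft; the server names, the file path and the approved-writer list are assumptions, and it is meant to run from a management host with a PowerShell version that has Get-FileHash.

```powershell
# Added example (not from the original post). Assumed values: replica names,
# the policy file's location on each replica, and the identities allowed to write it.
$Replicas        = @('ADFS-BE1', 'ADFS-BE2')                    # assumption
$PolicyRelPath   = 'C$\ADFS\Policy\TrustPolicy.xml'              # assumption (admin-share path)
$ApprovedWriters = @('NT AUTHORITY\SYSTEM',
                     'BUILTIN\Administrators',
                     'CONTOSO\ADFS-PolicyAdmins')                  # assumption

function Test-PolicyReplication {
    # Hash the policy file on every replica; DFS-R has converged only if all hashes agree.
    param([string[]]$Servers, [string]$RelativePath)
    $hashes = foreach ($s in $Servers) {
        $unc = "\\$s\$RelativePath"
        [pscustomobject]@{ Server = $s; Hash = (Get-FileHash -Path $unc -Algorithm SHA256).Hash }
    }
    $distinct = @($hashes.Hash | Sort-Object -Unique)
    [pscustomobject]@{ Consistent = ($distinct.Count -eq 1); Hashes = $hashes }
}

function Get-UnapprovedPolicyWriters {
    # Return every Allow ACE that grants a write-class right to an identity
    # outside the approved list. Modify and FullControl include these bits,
    # so broad grants are caught too; read-only ACEs are ignored.
    param([string]$Path, [string[]]$Approved)
    $rights = [System.Security.AccessControl.FileSystemRights]
    $writeMask = $rights::Write -bor $rights::Delete -bor
                 $rights::ChangePermissions -bor $rights::TakeOwnership
    (Get-Acl -Path $Path).Access |
        Where-Object { $_.AccessControlType -eq 'Allow' -and
                       (($_.FileSystemRights -band $writeMask) -ne 0) } |
        Where-Object { $Approved -notcontains $_.IdentityReference.Value } |
        Select-Object IdentityReference, FileSystemRights, IsInherited
}

# Run both checks and report.
$rep = Test-PolicyReplication -Servers $Replicas -RelativePath $PolicyRelPath
$rep.Hashes | Format-Table -AutoSize
if (-not $rep.Consistent) { Write-Warning 'Policy file differs between replicas.' }

foreach ($s in $Replicas) {
    $extra = Get-UnapprovedPolicyWriters -Path "\\$s\$PolicyRelPath" -Approved $ApprovedWriters
    if ($extra) { Write-Warning "$s grants write access beyond the approved list:"; $extra | Format-Table -AutoSize }
}
```

A mismatch right after an authorized edit can simply mean replication has not yet completed, so compare the timing against the replication schedule before treating it as a problem.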


If you would like to read more on either of the Windows Server 2003 R2 services we are leveraging, see the following links.

ADFS: https://www.microsoft.com/WindowsServer2003/R2/Identity_Management/ADFSwhitepaper.mspx

DFS-R: https://www.microsoft.com/windowsserver2003/technologies/storage/dfs/default.mspx