TechEd: SSO with Windows R2 - Yes!
Alright! Windows Server R2 is adding a federated single sign-on (SSO) service called Active Directory Federation Services (ADFS). This allows your Windows credentials to be federated and used across organizational boundaries. There are so many user scenarios where this is vital. One very common scenario that I heard time and again when I worked on the SharePoint Portal Server team is allowing the ability to create an extranet SharePoint site and giving access to multiple users in different organizations. For a truely secure setup and one not fraught with user management headaches, you usually have to implement a third party Web SSO product or add user's to your Active Directory (yeah right). (did I just use the word fraught???)
With ADFS you can trust or federate other organization's user credentials instead! In the SharePoint example I can use my regular Windows credentials and logon to someone's else's SharePoint server if they are using ADFS and we've established a federated relationship. A demo showed this working with SharePoint (part of Windows) - I wonder when Portal Server will do the integration work? This is a much needed an requested feature. Question to you: will ADFS make the team sharing capabilities of SharePoint more useful for you now that it is easier to implement cross-companies?
