A
Active Directory
Microsoft’s directory service for Windows domains.
Active Directory Federation Services
The Microsoft implementation of single sign-on (SSO).
AD
Acronym for Active Directory
ADFS
Acronym for Active Directory Federation Services
C
CA
Acronym for certificate authority
Certificate
The tool that TLS/SSL uses to encrypt communication.
Certificate authority
An entity that issues certificates to encrypt digital communication.
Certificate revocation list
A list of certificates that are no longer valid for encryption.
Comet
Comet provides a web user interface (web UI) for convenient access to administration functions like setup, network configuration, and server task management.
CRL
Acronym for certificate revocation list
D
DA
Acronym for DirectAccess
Device Registration Service
A feature of ADFS that facilitates Workplace Join, which allows users to register unmanaged devices to be known entities to the domain.
DirectAccess
A secure Remote Access connection that provides remote access to the internal network and manage-out capabilities.
Directory synchronization
A Microsoft tool that synchronizes users, groups, and attributes (like distribution groups or user phone numbers) to an Office 365 instance.
DirSync
Abbreviation for Directory Synchronization
DNS
Acronym for Domain Name System
Domain Name System
A service that translates domain names into IP addresses.
DRS
Acronym for Device Registration Service
F
Failover
A part of high availability where switching from failed to redundant components occurs, usually automatically.
Federation
Federation refers to the mechanism that creates trust relationships for identity management. These trust relationships then allow single sign-on for multiple independent systems.
H
HA
Acronym for high availability
High availability
A system implementation that minimizes downtime, meaning unavailability to users.
I
Identity provider
An entity that authenticates a user to a service provider.
M
Multifactor authentication
Employs additional forms of user data for authentication. Two-factor authentication using one-time passwords is a common example.
N
Namespace
A unique identifier for the authentication environment.
Network access server
A component of RADIUS authentication. Abbreviated NAS.
Network Policy Server
How Microsoft implements RADIUS.
NPS
Acronym for Network Policy Server
O
Office 365 (Now Microsoft 365)
The cloud implementation of the Microsoft Office productivity suite.
P
Password Sync
A component of the Microsoft Directory Synchronization tool that coordinates password hashes between internal Active Directory and Office 365.
Portal page
The portal page consolidates external access to published applications.
R
RADIUS
Remote Access Dial In User Service (RADIUS) is an authentication protocol (RFC 2865). The HOTPin system uses the Microsoft application Network Policy Server (NPS) to implement RADIUS.
RADIUS client
A RADIUS client is a network access server (NAS) that facilitates authentication requests between access clients and the HOTPin system when RADIUS is used as the authentication protocol.
Read-only access
Read-only access is a configuration option that grants a low level of access to the web UI, sufficient to check configuration and monitor connectivity data.
Redundancy
A part of high availability design that employs additional resources, like extra servers, to carry out required functionality in the event one component fails.
Relying party trust
Designates a service provider as a partner organization for ADFS. The service provider is a relying party that ADFS will trust authentication requests from.
Remote Access Dial In User Service
See RADIUS.
S
SecureAccess
SecureAccess is a remote access technology that provides Windows Professional and Mac computers an experience similar to DirectAccess. It creates an always-on connection to the organization network using VPN protocols. Once users install the client and provide credentials, computers automatically connect to the network whenever there is an Internet connection.
Service provider
An entity that trusts an identity provider for user authentication in a federated system.
Single sign-on
Allows login to multiple systems using one set of credentials. In ADFS, once users log in with their organization AD credentials, they can access federated resources without being prompted further for authentication.
SSO
Acronym for single sign-on
U
UAG trunk
A repository of published applications for user access; this term only applies to Celestix WSA environments or other UAG deployments.
V
Virtual Private Network
A secure Remote Access connection that provides remote access to the internal network.
VPN
Acronym for virtual private network
W
WAP
Acronym for Web Application Proxy
Web Application Proxy
A reverse proxy solution that publishes internal web applications for external access.
WID
Acronym for Windows Internal Database
Windows Internal Database
A version of SQL Server Express that is automatically included with Windows Server. It is the default data store option for ADFS.
Workplace Join
The function that allows users to register devices with the domain through DRS; devices can then access application resources based on trust.