A

Active Directory

Microsoft’s directory service for Windows domains.

Active Directory Federation Services

The Microsoft implementation of single sign-on (SSO).

AD

Acronym for Active Directory

ADFS

Acronym for Active Directory Federation Services

C

CA

Acronym for certificate authority

Certificate

The tool that TLS/SSL uses to encrypt communication.

Certificate authority

An entity that issues certificates to encrypt digital communication.

Certificate revocation list

A list of certificates that are no longer valid for encryption.

Comet

Comet provides a web user interface (web UI) for convenient access to administration functions like setup, network configuration, and server task management.

CRL

Acronym for certificate revocation list

D

DA

Acronym for DirectAccess

Device Registration Service

A feature of ADFS that facilitates Workplace Join, which allows users to register unmanaged devices to be known entities to the domain.

DirectAccess

A secure Remote Access connection that provides remote access to the internal network and manage-out capabilities.

Directory synchronization

A Microsoft tool that synchronizes users, groups, and attributes (like distribution groups or user phone numbers) to an Office365 instance.

DirSync

Abbreviation for Directory Synchronization

DNS

Acronym for Domain Name System

Domain Name System

A service that translates domain names into IP addresses.

DRS

Acronym for Device Registration Service

F

Failover

A part of high availability where switching from failed to redundant components occurs, usually automatically.

Federation

Federation refers to the mechanism that creates trust relationships for identity management. These trust relationships then allow single sign-on for multiple independent systems.

H

HA

Acronym for high availability

High availability

A system implementation that minimizes downtime, meaning unavailability to users.

I

Identity provider

An entity that authenticates a user to a service provider.

M

Multifactor authentication

Employs additional forms of user data for authentication. Two-factor authentication using one-time passwords is a common example.

N

Namespace

A unique identifier for the authentication environment.

Network access server

A component of RADIUS authentication. Abbreviated NAS.

Network Policy Server

How Microsoft implements RADIUS.

NPS

Acronym for NPS

O

Office 365 (Now Microsoft 365)

The cloud implementation of the Microsoft Office productivity suite.

P

Password Sync

A component of the Microsoft Directory Synchronization tool that coordinates password hashes between internal Active Directory and Office365.

portal page

The portal page consolidates external access to published applications.

R

RADIUS

Remote Access Dial In User Service (RADIUS) is an authentication protocol (RFC 2865). The HOTPin system uses the Microsoft application Network Policy Server (NPS) to implement RADIUS.

RADIUS client

A RADIUS client is a network access server (NAS) that facilitates authentication requests between access clients and the HOTPin system when RADIUS is used as the authentication protocol.

Read-only access

Read-only access provides configuration to designate access with a low level of access to the web UI to check configuration and monitor connectivity data.

Redundancy

A part of high availability design that employs additional resources, like extra servers, to carry out required functionality in the event one component fails.

Relying party trust

Designates a service provider as a partner organization for ADFS. The service provider is a relying party that ADFS will trust authentication requests from.

Remote Access Dial In User Service

See RADIUS.

S

SecureAccess

SecureAccess is a remote access technology that provides Windows Professional and Mac computers an experience similar to DirectAccess. It creates an always-on connection to the organization network using VPN protocols. Once users install the client and provide credentials, computers automatically connect to the network whenever there is an Internet connection.

Service provider

An entity that trusts an identity provider for user authentication in a federated system.

Single sign-on

Allows login to multiple system using one set of credentials. In ADFS, once users log in with their organization AD credentials, they can access federated resources without being prompted further for authentication.

SSO

Acronym for single sign-on

U

UAG trunk

A repository of published applications for user access; this term only applies to Celestix WSA environments or other UAG deployments.

V

Virtual Private Network

A secure Remote Access connection that provides access remote access to the internal network.

VPN

Acronym for virtual private network

W

WAP

Acronym for Web Application Proxy

Web Application Proxy

A reverse proxy solution that publishes internal web applications for external access.

WID

Acronym for Windows Internal Database

Windows Internal Database

A version of SQL Server Express that is automatically included with Windows Server. It is the default data store option for ADFS.

Workplace Join

The function that allows users to register devices with the domain through DRS; devices can then access application resources based on trust.