You can use an Active Directory Federation Services (ADFS) server as the claims provider for Security Center, and allow users outside your company to log on to your system by establishing a trust chain from third-party's ADFS servers to your company's Security Center main server.
Before you begin
What you should know
Best Practice: If you want to
accept security groups from your local Active Directory as Security
Center user groups, do not federate them through
the ADFS role, but import them through the
Active Directory role instead. The latter approach offers more functionalities,
such as the synchronization of all
standard fields (first name, last name, email address, and so on), custom field mapping, and the option
to create all users at role synchronization time.
Procedure
Results
IMPORTANT: There is currently a
known issue regarding the use of a local Active Directory and ADFS. When you have external
users authenticated through ADFS in your system, all users imported from your local Active
Directory must also use fully qualified user names, even though they belong to the same
domain as your Security
Center
system.