Is it possible to federate your AD domain with another AD domain and then have access to their systems?
For example, users in mydomain.com are authenticated/federated to thirdpartydomain.com, allowing me access to their resources (not specific applications only).
Is this possible?
Or is it that all applications need to be claim aware in order for federation to work (which is my understanding)?
IT Engineer currently working on implementing ADFS 2.0 in a corporate environment.
You are correct. The applications need to be claims aware. If you need/want the authentication to occur using Integrated Windows Auth then you need to set up a domain trust between the two.
Developer Security MVP | www.syfuhs.net