0

We are a small company with 22 people in the office.

We had a lot of problems with e-mail in the past so I decided to change over to Google Apps for Business. It is the perfect solution for us, except for one thing: I need to be able to control the access to the mailboxes. Only users inside the office, authenticated to AD, or users authenticated to our VPN can connect to gmail.

From what I've read it is possible using the SSO (Single Sign On) solution provided by Google - but i am having some trouble finding consistent information about it.

First of all, our infrastructure:

  • Windows Server 2008 R2
  • Active Directory, one domain only.
  • Kerio Control for QoS and VPN.

That's about it on our side.

On Google Apps' side, I have one account, and 03 domains that my users use to log in. The main domain has most of the users, but the are a couple of people that login using one of the subdomains. I have a 03 domains because I run mail for 03 companies and wanted all to be in within the same control panel.

Well, I found some guides on the internet but none of them cover the AD FS installation part.

I've read somewhere that I needed to download AD FS 2.0 directly from Microsoft.com, because the one that came with Windows Server was a old version.

I downloaded it (adfsSetup.exe) and tried to install but got an error, saying that I needed a Windows Server 2008 Sp2 for that program. My Windows Server 2008 is R2.

I really need some help here, this is very importand, I dont want to have to pay $1000 for a SSO solution when i have an AD set up.

Can someone please point me out to the right direction? Where can I find an AD FS 2.0 setup compatible with R2 would be a good start, or the one that came with r2 is already the 2.0 version.

After the initial setup, there are some guides on the internet about the Google Apps part. It seems to be really easy.

I also tried adding AD FS role, but there are a bunch of options wich I have no idea what means, and I coudn't find any guide covering that on the internet.

I dont have a lot of experience with Windows Server, but I have a company wich is certificated and provide us with support. I can ask for their help in the later setup, but I dont think ADFS is a very common thing to deal with.

Kenny Rasschaert
  • 9,045
  • 3
  • 42
  • 58
Dominique dutra
  • 1
  • Did you resolve your issue? Have you configured ADFS SSO for your company? –  Oct 06 '12 at 06:14

1 Answers1

1

Step by step guide: http://technet.microsoft.com/en-us/library/dd807096%28v=ws.10%29.aspx Download: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=10909

Make sure you download this version RTW\W2K8R2\amd64\AdfsSetup.exe

I downloaded it (adfsSetup.exe) and tried to install but got an error, saying that I needed a Windows Server 2008 Sp2 for that program. My Windows Server 2008 is R2.

It seems to me you tried to install the wrong version as W2k8 SP2 is not equal to W2k8 R2! Also R2 is only available in 64-bit.

Additionally you can read through this site: http://www.appdelivery.com/index.php?option=com_content&view=article&id=78:adfs-20-with-google-apps&catid=52:cloud-computing&Itemid=69

I read there that SSO is only possible for the apps accessed via browser. Don't know if this is true but it may be a problem if you are using MS Outlook.

Tom
  • 424
  • 3
  • 12
  • Tom, Thank you very much for thaking the time to anwser. We want to use Google Apps, Gmail, Docs, etc, wich are all web based applications. – Dominique dutra Jan 24 '12 at 10:33