ADFS Inter-Node Communications Test
In Active Directory Federation Services (AD FS) farm, nodes are the components or entities that work together to provide federated authentication and authorization services. This test monitors all the nodes in the AD FS farm and reveals how quickly each node processes the artifact queries that are sent to the identity provider by the service provider which has received the artifact to retrieve the actual security token or assertion. In addition, this test also sheds light on the connection failures encountered by each node while processing the artifact queries.
Target of the test : An AD FS server
Agent deploying the test : An external agent
Outputs of the test : One set of results for each node in the AD FS farm
Parameters | Description |
---|---|
Test Period |
How often should the test be executed. |
Host |
The host for which the test is to be configured. |
Port |
The port at which the AD FS server listens. |
Measurement | Description | Measurement Unit | Interpretation |
---|---|---|---|
Average artifact query time |
Indicates the time taken by this node to process artifact queries. |
Seconds |
AD FS server generates an artifact (a reference token) instead of sending the actual SAML claim (such as user identity or attributes) directly to a service provider when a user attempts to access a service that requires authentication. The service provider, which has received the artifact, needs to retrieve the actual security token or assertion. To do this, it sends an artifact query to the identity provider. The query includes the artifact received from the IdP. AD FS uses artifacts to reduce the amount of data exchanged between the service provider and the identity provider and prevent the risk of exposure of sensitive information. Compare the value of this measure across the nodes to identify which node took maximum time to process the artifact queries. |
Artifact query connection failures |
Indicates the number of connection failures encountered by this node while processing the artifact queries. |
Number |
Ideally, the value of this measure should be zero. |