With ADFS - the authentication token issued is good for the web server with the agent installed. It is a local RPC token and cannot go off the box. With some additional configuration, you can configure ADFS to go off the box and delegate with a kerbitized
Read More...
Read the complete post at http://blogs.technet.com/adfs/archive/2008/05/13/using-adfs-with-constrained-delegation.aspx
Posted
May 14 2008, 03:08 AM
by
ADFS Product Support Blog