Many institutions have deployed Microsoft's Active Directory Domain Services ("AD") as an integral part of their identity management systems. As these institutions prepare to submit applications to the Assurance Program, particularly for the Silver assurance profile, a number of issues come to fore. This Cookbook attempts to assist these institutions by providing guidance for the configuration and deployment of AD in a manner compliant with InCommon Silver.
The Cookbook was originally released in 2012, and then revised in 2014 in response to a revision to the InCommon Assurance Profile for Silver.
2014 Update
In March 2013, InCommon initiated a community review of the InCommon Silver with Active Directory Cookbook in light of the 1.2 revision to the InCommon Assurance Profile (IAP). This group completed its work in April 2014 with the release of:
For information on the working group, click on AD Alternative Means - 2013.
2012 Release
A number of InCommon participant institutions have been preparing to submit applications to the assurance program to allow them to assert InCommon Silver level of assurance. A subset of this group has been working for almost a year on a draft “cookbook” to help those who have Microsoft’s Active Directory Domain Services (commonly referred to as “Active Directory” or “AD”) deployed, be able to configure it for compliance with the technical requirements of InCommon Silver.
- InCommon Silver with Active Directory Cookbook (published 2012)
- AD Silver Cookbook - Public Comments on Jan 2012 Draft
- For more information, you can review the minutes of our past calls: InCommon Silver with Active Directory Meeting Notes
Participant organizations have provided the content described on this page. Using these practices does not guarantee certification in the InCommon Assurance Program.