Enabling Integrated Windows Authentication on ADFS 2.0

Complete this task to enable Integrated Windows Authentication (IWA) on Active Directory Federation Services (ADFS) 2.0.

About this task

If you are not an ADFS administrator, provide this information to the person who is.

You must also set Enable Single Sign-on to Yes in the Client Settings tab of the IdP configuration document that you create for the ID Vault.


  1. On the ADFS server, open IIS Management.
  2. Navigate to the entry adfs - ls.
  3. In the Features view, select Authentication.
  4. Enable Windows Authentication and disable Forms Authentication.
  5. Select Advanced Settings.
  6. If you have Notes client or Chrome browser users, set Extended Protection to Off.
  7. Restart IIS.
  8. Verify that the Active Directory user account contains the correct Notes user information (for example, mail address).