Archive for the ‘AD FS 2.0’ Category

Issuing Information Cards with AD FS 2.0

May 21st, 2010 by Don Schmidt

Today Microsoft introduced a Community Technical Preview (CTP) of an Information Card Issuance Add-on for Active Directory Federation Services (AD FS) 2.0, which was released earlier this month. The CTP provides a software component that administrators install on an AD FS 2.0 server and configure to issue Information Cards. These Cards can be used in conjunction with username/password, X.509 digital certificates, or Kerberos authentication for requesting security tokens from an AD FS 2.0 server.

This CTP software will enable end users with IMI 1.0 or IMI 1.1 (draft) compliant identity selectors to obtain Information Cards from AD FS 2.0. This includes the current CardSpace 2.0 beta, and CardSpace 1, which shipped with Windows 7 and Windows Vista and is available for download on Windows XP. These Cards should work with other compatible identity selectors, both on Windows and on other platforms.

The goal of the CTP is to advance the community’s understanding of the requirements and benefits of Information Cards through testing, pilots and other non-production experiments.  Please ask questions and provide your feedback using the ici-ctp@microsoft.com alias, or by participating in the Information Card Issuance Forum.

AD FS 2.0 … a SAML Promise Delivered!

May 20th, 2010 by Don Schmidt

AD FS 2.0 shipped on May 5, 2010. Why am I just getting around to blogging about it now, you might ask? Hmm. Spend some vacation time in Paris with my wife … or come out of blog retirement? But hey, “Better late than never, right?”

As you can see from the date of my last post, I don’t like to take up your time unless I believe it’s really worth your while.  In November 2008 I moved from product development into an architectural role, working with governments on how to utilize federated, claims-based identity to ensure the safe, online delivery of public services to citizens.  But before I moved on I made you a promise that AD FS 2.0 would deliver SAML 2.0 protocol support. 

Last September AD FS 2.0 passed the Liberty Alliance SAML interoperability testing for our original design goals with flying colours.  Now all the fit and finish is done, and you too can experience the IdP Lite and SP Lite Operational Modes from the SAML 2.0 Conformance Specification, plus the eGov 1.5 Profile. 

But wait, there’s more. AD FS 2.0 supports WS-Trust and WS-Federation too. And as much as I love ADFSv1 (parental pride, you know) … its big brother is so much easier to manage using federation metadata, automatic certificate rollover, and easy farm setup for high availability. Plus, out of the box, AD FS 2.0 offers a policy interface for claims issuance and supports a SQL attribute store as well as Active Directory. This is one powerful but Admin-friendly Security Token Service. I know you’ll find it worth the wait.

I want to congratulate the AD FS Development Team for staying the course, and serving up a job well done!  You can meet some of those heroes here, in several Channel 9 videos where they guide you through the features and capabilities of AD FS 2.0.