You are required to install and configure Active Directory Federation Services for AH Group enterprise network. Discuss the following: What trust relationship must be configured to secure trust relationships that makes users' digital identity and access rights available to trusted sites? How to use Windows Integrated Authentication and strong authentication technologies. How to use Lightweight Directory Access Protocol (LADP) binding to authenticate users. How does the authentication process enable Single Sign-On (SSO) to allow an end user accessing resources within multi-domain forest enterprise without having repeatedly supply their logon credentials. AD FS requires each server to have a certificate that used for SSL communication. Discuss each task that is involved in issuing an SSL certificate to root CAs authentication process. Note that the above design must be based on and also be applied to the project scenario. 2. Network Policy and Access Services You are required to install and configure Network Policy and Access Services for AH Group enterprise. Discuss the following: The Network Policy and Access Services in Windows Server 2012 includes the specific role services of Network Policy Serve (NPS), Health Registration Authority (HRA), and Host Credential Authorisation Protocol (HCAP). In your design, do you plan to install all three specific roles, or just one or two of them? Explain why. Note that all above design must be based on and also can apply to the project scenario. You need to apply a private IPv4 network address to design your IP settings for AH Groups Enterprise Network. Then create a high availability for DHCP solution to service the new enterprise network multi-domain forests. It must include availability for DHCP failover, split scopes, and DHCP name protection. At this stage, each domain/child domain has 50 nodes. There are total of 150 nodes in the enterprise. (You should consider an IPAM server.) Note that the above design must be based on and also be applied to the project scenario. All your Part B practice tasks must be configured based on these IP settings. Design an advanced DNS solution to configure DNS Logging, Delegated Administration, Recursion, Netmask ordering, and GlobalNames zone. Refer to Figure 1 for all domain names be used in the enterprise network. Note that all above design must be based on and also can apply to the project scenario.