I have two domains that are in separate forests with no trust. I have an external resource partner I need to access from either domain, but I want only a single ADFS server to have a relying party trust with the resource partner. I don't want to exchange metadata with another ADFS server, and I want my single ADFS server to handle all outside federation with resources. How do I allow a single ADFS server to provide SAML for either domain when no forest trust exists?
Also, #2: domain 1 is accessed only via a web application hosted in the same domain/network where AD resides. Users reside in AD and the web site is hosted in IIS, so basic authentication is used: the user enters credentials once and is off to the races. But after the user authenticates, if they want to access data on the external resource which I must federate to, they would click a link within my web site. If the user clicks that link on my web site, how do I configure the code to contact my ADFS to get SAML so that the user has SAML to access the external resource partner?
I appreciate any help.