active directory – Cross Domain Authentication with ADFS (no domain trust)

Yesterday I was asked whether it is possible to establish cross-domain authentication with ADFS.

Scenario:

  • Two different Windows Domains (A & B) without any trust configuration
  • Network access between Domains is established with IPSec Site2Site (all ports need to be opened separately)
  • One specific Windows Service on a server in Domain A has to use an AD Account from Domain B for logon (Windows Service -> Logon -> This Account -> Account from Domain B)

Our partner doesn't want to establish a domain trust due to security reasons and is therefore asking if we could realize this authentication process through ADFS.

ADFS is quite new to me and I'm not sure if this scenario is even possible with ADFS.

Kind regards,
Björn