In this guide, we'll walk you through extending your on‑premises Microsoft Active Directory Domain Services (AD DS) and Active Directory Federation Services (AD FS) in order to establish a secure, claims‑based federation with Open Telekom Cloud's Identity and Access Management (IAM) platform. We are going to leverage the SAML 2.0 protocol to achieve seamless single‑sign‑on between your on-premises corporate directory and the Open Telekom Cloud IAM, ensuring both strong security and a smooth user experience.