Starting with Windows Server 2003 R2, Microsoft introduced Active Directory Federation Services (ADFS), a software component that provides users with single sign-on access to systems and applications located across organizational boundaries.
ADFS is part of the Active Directory Services.
The authenticated user is provided with a series of claims related to his/her identity, which are inserted into a digitally signed token (a SAML token). The applications that accept this authentication scheme recognize and use this token, which enables single sign-on for an application.
The advantage is that the user authenticates once to the ADFS service and then does not need to provide his/her credentials again to the various application servers, which may also be outside the network containing the Active Directory domain.