I'm pretty sure the answer to this question is no, but I need a response from the experts since I have zero experience in federated identity management.
Scenario:
Two different local colleges, College 1 and College 2 - separate AD forests - no trusts whatsoever.
Boss wants students from College 1 to be able to visit College 2 and login to College 2 Windows lab computers using College 1 Active Directory domain accounts.
But, boss does not want the scenario of setting up trusts between the forests and instead asked if ADFS is a possible solution. I believe the answer is no, since ADFS seems to apply to web app authentication and not desktop authentication. Am I understanding this correctly? I assume the answer is the same for Shibboleth.
Thanks -
William