Jorge's Quest For Knowledge!

All You Need To Know About Identity And Security On-Premises And In The Cloud. It's Just Like An Addiction, The More You Have, The More You Want To Have!

(2012-09-18) Claims Based Authorizations For Sharepoint Through ADFS (Part 5)

Posted by Jorge on 2012-09-18


For the previous part click on the following link: Claims Based Authorizations For Sharepoint Through ADFS (Part 4)

For information about how to install ADFS v2.0 see the blog post about Installing And Configuring ADFS v2 As An STS Server (part1, part 2, part 3) and about Installing And Configuring ADFS v2 As A PRX Server.

The configuration of ADFS consists of the following:

  1. Configuring (enabling/disabling) Endpoints
  2. Configuring Claims Descriptions
  3. Creating and configuring claims provider (CP) trusts
  4. Creating and configuring relying party (RP) trusts

For a demo environment it is not needed to do [1]. However, in whatever environment you are using ADFS you most likely need/must configure [2], [3] and [4].

Endpoints can be configured manually through the ADFS v2.0 MMC or through PowerShell using the Get-ADFSEndpoint and Set-ADFSEndpoint CMDlets.

The default list of Endpoints in ADFS is shown below

Get-ADFSEndpoint | Sort-Object FullUrl | FT ClientCredentialType,Enabled,FullUrl,Protocol -auto

image111111_thumb2_thumb1

Figure 1: Default List Of Endpoints In ADFS v2.0

Claims Descriptions can be configured manually through the ADFS v2.0 MMC or through PowerShell using the Get-ADFSClaimDescription, Add-ADFSClaimDescription and Set-ADFSClaimDescription CMDlets.

The default list of claims descriptions in ADFS is shown below

Get-ADFSClaimDescription | Sort-Object ClaimType | FT ClaimType,Name,IsAccepted,IsOffered -auto

image11111_thumb3_thumb1

Figure 2: Default List Of Claims Descriptions In ADFS v2.0

Using a PowerShell script I imported my own defined list of claims descriptions. The total list now looks like is shown below.

image612_thumb2_thumb1

Figure 3: Total List Of Claims Descriptions In ADFS v2.0 (Default And Custom)

For the next part click on the following link: Claims Based Authorizations For Sharepoint Through ADFS (Part 6)

Cheers,

Jorge

———————————————————————————————

* This posting is provided "AS IS" with no warranties and confers no rights!

* Always evaluate/test yourself before using/implementing this!

* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/

———————————————————————————————

############### Jorge’s Quest For Knowledge #############

######### http://JorgeQuestForKnowledge.wordpress.com/ ########

———————————————————————————————

One Response to “(2012-09-18) Claims Based Authorizations For Sharepoint Through ADFS (Part 5)”

  1. […] Server Core (2) « (2012-09-18) Claims Based Authorizations For Sharepoint Through ADFS (Part 5) […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: