Jorge's Quest For Knowledge!

All About Identity And Security On-Premises And In The Cloud – It's Just Like An Addiction, The More You Have, The More You Want To Have!

(2012-09-18) Claims Based Authorizations For Sharepoint Through ADFS (Part 5)

Posted by Jorge on 2012-09-18


For the previous part click on the following link: Claims Based Authorizations For Sharepoint Through ADFS (Part 4)

For information about how to install ADFS v2.0 see the blog post about Installing And Configuring ADFS v2 As An STS Server (part 1, part 2, part 3) and about Installing And Configuring ADFS v2 As A PRX Server.

The configuration of ADFS consists of the following:

  1. Configuring (enabling/disabling) Endpoints
  2. Configuring Claims Descriptions
  3. Creating and configuring claims provider (CP) trusts
  4. Creating and configuring relying party (RP) trusts

For a demo environment, step [1] is not needed. However, in whatever environment you use ADFS, you will most likely need to configure [2], [3] and [4].

Endpoints can be configured manually through the ADFS v2.0 MMC or through PowerShell using the Get-ADFSEndpoint and Set-ADFSEndpoint cmdlets.

The default list of Endpoints in ADFS is shown below

Get-ADFSEndpoint | Sort-Object FullUrl | FT ClientCredentialType,Enabled,FullUrl,Protocol -auto


Figure 1: Default List Of Endpoints In ADFS v2.0

Claims Descriptions can be configured manually through the ADFS v2.0 MMC or through PowerShell using the Get-ADFSClaimDescription, Add-ADFSClaimDescription and Set-ADFSClaimDescription cmdlets.

The default list of claims descriptions in ADFS is shown below

Get-ADFSClaimDescription | Sort-Object ClaimType | FT ClaimType,Name,IsAccepted,IsOffered -auto


Figure 2: Default List Of Claims Descriptions In ADFS v2.0

Using a PowerShell script I imported my own defined list of claims descriptions. The total list now looks as shown below.


Figure 3: Total List Of Claims Descriptions In ADFS v2.0 (Default And Custom)
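
An import of custom claims descriptions can be made repeatable with the cmdlets named above, so that a second run changes nothing and a dry run shows what would change. The following is an added example, not the author's script; the CSV rows, the claim type URIs and the function names Test-ClaimRow and Import-ClaimDescription are constructed for illustration.

```powershell
# Added example for AD FS 2.0; sample rows and claim type URIs are constructed.
Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction SilentlyContinue

$sampleCsv = @'
Name,ClaimType,IsAccepted,IsOffered
Department,http://schemas.example.test/claims/department,true,true
Employee Type,http://schemas.example.test/claims/employeetype,true,false
'@

function Test-ClaimRow($Row) {
    # Require a display name and an absolute URI as the claim type.
    $uri = $null
    return ("$($Row.Name)".Trim() -ne '') -and
        [Uri]::TryCreate("$($Row.ClaimType)", [UriKind]::Absolute, [ref]$uri)
}

function Import-ClaimDescription($Rows, [switch]$Apply) {
    # Read the current descriptions once and compare each row against them.
    $existing = @(Get-ADFSClaimDescription)
    foreach ($row in $Rows) {
        if (-not (Test-ClaimRow $row)) {
            Write-Warning "Skipping invalid row: '$($row.Name)'"
            continue
        }
        $accepted = [bool]::Parse($row.IsAccepted)
        $offered  = [bool]::Parse($row.IsOffered)
        $current  = $existing | Where-Object { $_.ClaimType -eq $row.ClaimType }

        if (-not $current) {
            $action = 'Add'
            if ($Apply) {
                Add-ADFSClaimDescription -Name $row.Name -ClaimType $row.ClaimType `
                    -IsAccepted $accepted -IsOffered $offered
            }
        } elseif ($current.IsAccepted -ne $accepted -or $current.IsOffered -ne $offered) {
            $action = 'Update'
            if ($Apply) {
                Set-ADFSClaimDescription -TargetClaimType $row.ClaimType `
                    -IsAccepted $accepted -IsOffered $offered
            }
        } else {
            $action = 'None'
        }
        # One report object per row: what was (or would be) done.
        New-Object PSObject -Property @{ Name = $row.Name; ClaimType = $row.ClaimType; Action = $action }
    }
}

# Dry run first; add -Apply to change the AD FS configuration.
Import-ClaimDescription ($sampleCsv | ConvertFrom-Csv) | Format-Table Name,ClaimType,Action -AutoSize
```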

For the next part click on the following link: Claims Based Authorizations For Sharepoint Through ADFS (Part 6)

Cheers,

Jorge

———————————————————————————————

* This posting is provided "AS IS" with no warranties and confers no rights!

* Always evaluate/test yourself before using/implementing this!

* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/

———————————————————————————————
