(2012-09-18) Claims Based Authorizations For Sharepoint Through ADFS (Part 5)
Posted by Jorge on 2012-09-18
–
For the previous part click on the following link: Claims Based Authorizations For Sharepoint Through ADFS (Part 4)
–
For information about how to install ADFS v2.0 see the blog post about Installing And Configuring ADFS v2 As An STS Server (part1, part 2, part 3) and about Installing And Configuring ADFS v2 As A PRX Server.
–
The configuration of ADFS consists of the following:
- Configuring (enabling/disabling) Endpoints
- Configuring Claims Descriptions
- Creating and configuring claims provider (CP) trusts
- Creating and configuring relying party (RP) trusts
–
For a demo environment it is not needed to do [1]. However, in whatever environment you are using ADFS you most likely need/must configure [2], [3] and [4].
–
Endpoints can be configured manually through the ADFS v2.0 MMC or through PowerShell using the Get-ADFSEndpoint and Set-ADFSEndpoint CMDlets.
The default list of Endpoints in ADFS is shown below
Get-ADFSEndpoint | Sort-Object FullUrl | FT ClientCredentialType,Enabled,FullUrl,Protocol -auto
Figure 1: Default List Of Endpoints In ADFS v2.0
–
Claims Descriptions can be configured manually through the ADFS v2.0 MMC or through PowerShell using the Get-ADFSClaimDescription, Add-ADFSClaimDescription and Set-ADFSClaimDescription CMDlets.
The default list of claims descriptions in ADFS is shown below
Get-ADFSClaimDescription | Sort-Object ClaimType | FT ClaimType,Name,IsAccepted,IsOffered -auto
Figure 2: Default List Of Claims Descriptions In ADFS v2.0
–
Using a PowerShell script I imported my own defined list of claims descriptions. The total list now looks like is shown below.
Figure 3: Total List Of Claims Descriptions In ADFS v2.0 (Default And Custom)
–
For the next part click on the following link: Claims Based Authorizations For Sharepoint Through ADFS (Part 6)
–
Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————
Claims Based Authorizations For Sharepoint Through ADFS (Part 6) « Jorge's Quest For Knowledge! said
[…] Server Core (2) « (2012-09-18) Claims Based Authorizations For Sharepoint Through ADFS (Part 5) […]
LikeLike