Jorge's Quest For Knowledge!

All You Need To Know About Identity And Security On-Premises And In The Cloud. It's Just Like An Addiction, The More You Have, The More You Want To Have!

(2012-09-21) Claims Based Authorizations For Sharepoint Through ADFS (Part 8)

Posted by Jorge on 2012-09-21


For the previous part click on the following link: Claims Based Authorizations For Sharepoint Through ADFS (Part 7)

At this point, right after the creation of the RP trust, no issuance transform rules and no delegation authorization rules exist. However, one claim rule does exist in the issuance authorization rules: the one for whatever you selected (“Permit All” or “Deny All”) previously during the creation of the RP trust.


Figure 1: Default List Of Issuance Authorization Rules For The “Claims Based Sharepoint App” Relying Party Trust

Under the hood, the configuration of each claim rule is shown below.

(Get-ADFSRelyingPartyTrust "Claims Based Sharepoint App").IssuanceAuthorizationRules


Figure 2: Default Configuration Of Each Issuance Authorization Rule For The “Claims Based Sharepoint App” Relying Party Trust

Using a PowerShell script I imported my own defined list of issuance transform rules for the “Claims Based Sharepoint App” Relying Party Trust. The total list now looks as shown below.


Figure 3: Total List Of Issuance Transform Rules For The “Claims Based Sharepoint App” Relying Party Trust (Default And Custom)

Under the hood, the configuration of each claim rule is shown below.

(Get-ADFSRelyingPartyTrust "Claims Based Sharepoint App").IssuanceTransformRules


Figure 4: Configuration Of Each Issuance Transform Rule For The “Claims Based Sharepoint App” Relying Party Trust (Default And Custom)

Using a PowerShell script I imported my own defined list of issuance authorization rules for the “Claims Based Sharepoint App” Relying Party Trust. The total list now looks as shown below.


Figure 5: Total List Of Issuance Authorization Rules For The “Claims Based Sharepoint App” Relying Party Trust (Default And Custom)

Under the hood, the configuration of each claim rule is shown below.

(Get-ADFSRelyingPartyTrust "Claims Based Sharepoint App").IssuanceAuthorizationRules


Figure 6: Configuration Of Each Issuance Authorization Rule For The “Claims Based Sharepoint App” Relying Party Trust (Default And Custom)
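When the default rule and custom rules sit side by side in the issuance authorization rules, it is worth checking whether an unconditional permit rule is still in the set. The following read-only check is an added example, not the author's script and not code from the original post; the function name, the sample rule text and the placeholder group SID are constructed assumptions, and only the RP trust name comes from the post.

```powershell
# Added example: read-only, it changes nothing in AD FS.
function Get-UnconditionalPermitRule {
    param([string]$RuleSet)
    $permitType = 'http://schemas.microsoft.com/authorization/claims/permit'
    # Simplification: a ';' at the end of a line is treated as the rule terminator.
    foreach ($rule in ($RuleSet -split ';[ \t]*(?:\r?\n|$)')) {
        # Drop @RuleName / @RuleTemplate annotation lines and keep the rule body.
        $body = (($rule -split '\r?\n') |
            Where-Object { $_ -notmatch '^\s*@Rule' }) -join ' '
        $body = $body.Trim()
        # A body that starts with '=>' has no condition, so it fires for every user.
        if ($body -match '^=>\s*issue\s*\(' -and $body -like "*$permitType*") {
            $rule.Trim() + ';'
        }
    }
}

# Constructed sample: a "Permit All" style rule plus one conditional custom rule.
# The group SID is a placeholder, not a value from the post.
$sample = @'
@RuleTemplate = "AllowAllAuthzRule"
 => issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");

@RuleName = "Permit members of one group"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", Value == "S-1-5-21-PLACEHOLDER"]
 => issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
'@
Get-UnconditionalPermitRule -RuleSet $sample

# Against the live trust; runs only where the AD FS cmdlets are already loaded.
if (Get-Command Get-ADFSRelyingPartyTrust -ErrorAction SilentlyContinue) {
    $rp = Get-ADFSRelyingPartyTrust -Name "Claims Based Sharepoint App"
    Get-UnconditionalPermitRule -RuleSet $rp.IssuanceAuthorizationRules
}
```

While an unconditional permit rule is in the set, additional permit rules do not narrow access; only rules that issue a deny claim do.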

For the next part click on the following link: Claims Based Authorizations For Sharepoint Through ADFS (Part 9)

Cheers,

Jorge

———————————————————————————————

* This posting is provided "AS IS" with no warranties and confers no rights!

* Always evaluate/test yourself before using/implementing this!

* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/

———————————————————————————————
