ADFS 3.0 Configuration for SharePoint 2013

You will need to change domain names to work in your environment

 

Run these commands using SharePoint management shell on SP Server::

 

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\root\ADFS3.0\ADFSSTS.cer")

$map1 = New-SPClaimTypeMapping "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming

$realm = "urn:ups:adsfservername.yourdomainname.com"

$signinurl = "https:// adsfservername.yourdomainname.com/adfs/ls/"

$ap = New-SPTrustedIdentityTokenIssuer -Name "ADFS3.0_Trust" -Description "ADFS3.0 Federated Server" -Realm $realm -ImportTrustCertificate $cert -ClaimsMappings $map1 -SignInUrl $signinurl -IdentifierClaim $map1.InputClaimType

New-SPTrustedRootAuthority "ADFS3.0_Trust" -Certificate $cert

 

 

Run these commands using SharePoint management shell on SP Server::

$certPath = "C:\root\ADFS3.0\ADFSSTS.cer"

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("$certPath")

$root = New-SPTrustedRootAuthority "AD FS 3.0 STS" -Certificate $cert

$upd = Set-SPTrustedIdentityTokenIssuer -Identity "ADFS3.0_Trust" -ImportTrustCertificate $cert

 

 

Run these commands using SharePoint management shell on SP Server for site collection trust:

$ap = Get-SPTrustedIdentityTokenIssuer -Identity "ADFS3.0_Trust"

$uri = new-object System.Uri("https://xxx.yourdomainname.com:544/")

$ap.ProviderRealms.Add($uri, "https://xxx.yourdomainname.com:544/_trust/")

$ap.Update()

 

Run these commands using SharePoint management shell on SP Server for site collection trust:

$ap = Get-SPTrustedIdentityTokenIssuer -Identity "ADFS3.0_Trust"

$uri = new-object System.Uri("https://xxx.yourdomainname.com:544/sites/NonRoot544")

$ap.ProviderRealms.Add($uri, "https://xxx.yourdomainname.com:544/sites/NonRoot544/_trust/")

$ap.Update()

 

 

Reference link for ADFS:

https://blogit.create.pt/miguelmoreno/2014/11/14/configure-adfs-3-0-with-sharepoint-2013/

 

 

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk