There is a lot of information on how to link SharePoint 2010 or 2013 to an AD FS instance. But for some reason, most of those blogs include a manual step to enable the newly created authentication provider in Central Admin. I don’t like manual steps, so here is a little script which does the same, but in Powershell instead:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 |
$issuerName = "ADFS" $webApp_Url = "https://portal.contoso.com/" $webApp_zone = "Default" # Get the list of currently configured authentication providers in the specified webapp/zone $authProviders = Get-SPAuthenticationProvider -WebApplication $webApp_Url -Zone $webApp_zone # Check if the provider is already present, otherwise skip adding it if (($providers | ? { $_.DisplayName -eq $issuerName }) -eq $null) { # create an array which will hold the new list of authentication providers $newProviders = @() # add all the previously configured providers to the list foreach ($provider in $authProviders) { $newProviders += $provider } # add our new provider $newProviders += New-SPAuthenticationProvider -TrustedIdentityTokenIssuer $issuerName # configure the web application (zone) to use this new list of providers Set-SPWebApplication -Identity $webApp_Url -Zone $webApp_zone -AuthenticationProvider $newProviders } |
