[SP201x] Adding an ADFS trusted identity token issuer to a webapp using PowerShell

There is a lot of information on how to link SharePoint 2010 or 2013 to an AD FS instance. But for some reason, most of those blogs include a manual step to enable the newly created authentication provider in Central Admin. I don’t like manual steps, so here is a little script which does the same, but in PowerShell instead:

 

$issuerName = "ADFS"
$webApp_Url = "https://portal.contoso.com/"
$webApp_zone = "Default"

# Get the list of currently configured authentication providers in the specified webapp/zone
$authProviders = Get-SPAuthenticationProvider -WebApplication $webApp_Url -Zone $webApp_zone

# Only add the provider if it is not already present in this zone
if (($authProviders | ? { $_.DisplayName -eq $issuerName }) -eq $null)
{
	# create an array which will hold the new list of authentication providers
	$newProviders = @()

	# add all the previously configured providers to the list
	foreach ($provider in $authProviders)
	{
		$newProviders += $provider
	}

	# add our new provider 
	$newProviders += New-SPAuthenticationProvider -TrustedIdentityTokenIssuer $issuerName
	
	# configure the web application (zone) to use this new list of providers
	Set-SPWebApplication -Identity $webApp_Url -Zone $webApp_zone -AuthenticationProvider $newProviders
}
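
A variant of the script above with a check before and after the change, as an added example that is not part of the original post. It assumes the trusted identity token issuer has already been registered in the farm and that the SharePoint snap-in is available; the function name Add-TrustedIssuerToZone is hypothetical. Set-SPWebApplication assigns the list it is given to the zone, so the check afterwards confirms that the providers that were there before are still there.

```powershell
# Added example, not the original author's code.
# Assumption: runs on a SharePoint server where the snap-in below can be loaded.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

function Add-TrustedIssuerToZone   # hypothetical helper name
{
    param(
        [Parameter(Mandatory=$true)] [string] $WebAppUrl,
        [Parameter(Mandatory=$true)] [string] $IssuerName,
        [string] $Zone = "Default"
    )

    # Fail early if the issuer has not been registered in the farm yet
    $issuer = Get-SPTrustedIdentityTokenIssuer -Identity $IssuerName -ErrorAction SilentlyContinue
    if ($null -eq $issuer) { throw "Trusted identity token issuer '$IssuerName' not found in this farm." }

    # Record the providers that are active on the zone before the change
    $before = @(Get-SPAuthenticationProvider -WebApplication $WebAppUrl -Zone $Zone)
    if ($before | Where-Object { $_.DisplayName -eq $IssuerName }) { return $before }

    # Existing providers plus the new one, applied as one list
    $new = $before + (New-SPAuthenticationProvider -TrustedIdentityTokenIssuer $issuer)
    Set-SPWebApplication -Identity $WebAppUrl -Zone $Zone -AuthenticationProvider $new

    # Re-read the zone and compare display names with the earlier list
    $after = @(Get-SPAuthenticationProvider -WebApplication $WebAppUrl -Zone $Zone)
    $afterNames = @($after | ForEach-Object { $_.DisplayName })
    $lost = @($before | Where-Object { $afterNames -notcontains $_.DisplayName } |
              ForEach-Object { $_.DisplayName })

    if ($lost.Count -gt 0) { throw "Providers missing from zone '$Zone' after the change: $($lost -join ', ')" }
    if ($afterNames -notcontains $IssuerName) { throw "'$IssuerName' was not enabled on zone '$Zone'." }
    return $after
}

# Values taken from the script above
Add-TrustedIssuerToZone -WebAppUrl "https://portal.contoso.com/" -IssuerName "ADFS" |
    Select-Object DisplayName
```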
