ADFS as Identity provider for SharePoint 2010 Claims web site – Part I

I am going to explain how to set up ADFS 2.0 as the identity provider for a SharePoint 2010 claims-based web application. Given the length, the topic is split into two posts (Part I and Part II).

This is the first part, which explains how to configure ADFS 2.0 as the identity provider. Part II covers the remaining two steps: configuring a claims-based web application and switching its authentication to ADFS.

Step 1:  Configure ADFS 2.0 as Identity Provider
1.1 Creating relying party trust.
1. Open the ADFS 2.0 management console and expand Trust Relationships.
2. Select Relying Party Trusts.
3. Click Add Relying Party Trust.
4. Select "Enter data about the relying party manually".
5. Give the relying party a display name, here SharePoint.
6. Select the AD FS 2.0 profile and click Next.
7. Selecting a certificate for token encryption is optional. No certificate is selected here, so the token is signed but not encrypted. That makes the HTTPS endpoint in the next step mandatory: the token travels in the browser's POST to it and TLS is the only thing protecting it on the wire. Click Next.
8. Select "Enable support for the WS-Federation Passive protocol" and enter the URL of your web application with /_trust/ appended; in this case it is https://sitename/_trust/. Click Next.
9. Leave the identifier list as it is (the wizard has already added the WS-Federation URL from the previous step); do not add any further identifiers. Click Next.
10. Select "Permit all users to access this relying party" and click Next. This only means ADFS will issue a token to any authenticated AD user; who can actually do what on the site is still decided by SharePoint permissions.
11. Verify the configuration and click Next.
12. Leave the "Open the Edit Claim Rules dialog..." check box selected and click Close.
13. Click Add Rule.
14. Select the claim rule template "Send LDAP Attributes as Claims".
15. Give the claim rule a name and select Active Directory as the attribute store. In the LDAP Attribute drop-down select SAM-Account-Name and set the Outgoing Claim Type to E-Mail Address.

Here we are sending a claim of type E-Mail Address, and it will also be our identifier claim. Note that its value is the user's sAMAccountName, not the mail attribute; the rule only labels it as an e-mail address claim. Because SharePoint treats the identifier claim as the user's identity, the attribute chosen here must be unique per user and must not be editable by the user, which sAMAccountName satisfies. If you would rather identify users by their real e-mail address, select the E-Mail-Addresses LDAP attribute instead and make sure every user has one populated, since a user with an empty value gets no identifier claim and cannot sign in.
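The same relying party trust and claim rules can be created with the ADFS 2.0 PowerShell snap-in instead of the wizard. This is an added example, not code from the original post; it assumes the site URL https://sitename/_trust/ and the display name SharePoint from the text, and must be run in an elevated PowerShell session on the ADFS 2.0 server.

```powershell
# Added example: create the "SharePoint" relying party trust described above
# with the ADFS 2.0 PowerShell snap-in. Run elevated on the ADFS 2.0 server.
Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction SilentlyContinue

# Assumptions taken from the text: the web application URL with /_trust/ appended
# is both the WS-Federation passive endpoint and the relying party identifier.
$rpName   = "SharePoint"
$trustUrl = "https://sitename/_trust/"

# Issuance transform rule equivalent to the "Send LDAP Attributes as Claims" template:
# look the user up in Active Directory by the Windows account name ADFS authenticated,
# read sAMAccountName, and issue it under the E-Mail Address claim type. This matches the
# post's choice: the claim value is the account name, not the mail attribute.
$transformRules = @'
@RuleTemplate = "LdapClaims"
@RuleName = "SAM account name as E-Mail Address"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"), query = ";sAMAccountName;{0}", param = c.Value);
'@

# Issuance authorization rule equivalent to "Permit all users to access this relying party".
$authzRules = @'
@RuleTemplate = "AllowAllAuthzRule"
 => issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
'@

if (Get-ADFSRelyingPartyTrust -Name $rpName) {
    throw "A relying party trust named '$rpName' already exists; remove it or pick another name."
}

# No -EncryptionCertificate is given, matching step 7: tokens are signed but not encrypted.
Add-ADFSRelyingPartyTrust -Name $rpName `
    -Identifier $trustUrl `
    -WSFedEndpoint $trustUrl `
    -IssuanceTransformRules $transformRules `
    -IssuanceAuthorizationRules $authzRules

# Check what was created. Because the token is not encrypted, the endpoint it is posted
# to must be HTTPS; otherwise the signed token would cross the network in clear text.
$rp = Get-ADFSRelyingPartyTrust -Name $rpName
if ($rp.WSFedEndpoint.Scheme -ne "https") {
    Write-Warning "WS-Federation endpoint is not HTTPS; the unencrypted token would be exposed on the wire."
}
$rp | Select-Object Name, Identifier, WSFedEndpoint, EncryptClaims | Format-List
```

The rule text is the same claim rule language the wizard generates, so it can be pasted into the "Edit Claim Rules" dialog's custom rule editor as well; the type URI for E-Mail Address is the one SharePoint will be told to expect in Part II.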

 

1.2 Export Certificate
1. Open the ADFS 2.0 management console.
2. Expand Service and select Certificates.
3. Right-click the Token-signing certificate and select View Certificate.
4. In the Certificate window select the Details tab and click Copy to File.
5. In the Certificate Export Wizard click Next.
6. Select "DER encoded binary X.509 (.CER)" and click Next.
7. Give a location where you want to save the exported certificate.
8. Click Finish.
9. Copy this certificate to the server where SharePoint is installed.

This exports only the public part of the token-signing certificate; no private key leaves the ADFS server. In Part II SharePoint uses it to verify the signature on every token ADFS issues, so the copy you transfer must be the genuine one: compare its thumbprint with the one shown in the ADFS console before importing it. Also keep in mind that ADFS 2.0 renews this certificate on its own when AutoCertificateRollover is enabled (the default for self-signed certificates), and every renewal invalidates the exported copy until it is exported and imported on SharePoint again.
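Steps 1 to 8 can also be done from PowerShell on the ADFS server, which additionally lets you verify the exported file and check the rollover setting. This is an added example, not code from the original post; the output path under the temp directory is an assumption.

```powershell
# Added example: export the public part of the primary ADFS 2.0 token-signing
# certificate in DER form, the same result as the wizard steps above.
Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction SilentlyContinue

# Assumed output path; change as needed.
$outFile = Join-Path $env:TEMP "adfs-token-signing.cer"

# ADFS can hold a primary and a secondary token-signing certificate during rollover;
# only the primary one signs tokens right now, so that is the one SharePoint needs.
$signing = Get-ADFSCertificate -CertificateType Token-Signing | Where-Object { $_.IsPrimary }
if (-not $signing) { throw "No primary token-signing certificate found." }

# Export(Cert) writes only the public certificate (DER encoded), never the private key.
$der = $signing.Certificate.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert)
[System.IO.File]::WriteAllBytes($outFile, $der)

# Re-read the file and compare thumbprints, so the copy handed to SharePoint can be
# checked against what the ADFS console shows.
$check = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $outFile
if ($check.Thumbprint -ne $signing.Certificate.Thumbprint) {
    throw "Exported file does not match the ADFS token-signing certificate."
}
"Exported:   {0}`nSubject:    {1}`nThumbprint: {2}`nExpires:    {3}" -f $outFile, $check.Subject, $check.Thumbprint, $check.NotAfter

# With AutoCertificateRollover on (the default for self-signed certificates) ADFS replaces
# this certificate before it expires, and SharePoint rejects tokens until the new one is
# exported and imported again.
if ((Get-ADFSProperties).AutoCertificateRollover) {
    Write-Warning "AutoCertificateRollover is enabled; re-export and re-import on SharePoint after each rollover."
}
```

Copy the resulting .cer file to the SharePoint server and confirm the thumbprint printed here matches the one you see there before using it in Part II.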
The remaining steps are continued in Part II.
