ADFS as Identity provider for SharePoint 2010 Claims site – Part II

This blog post is a continuation of Part I, which explains how to configure ADFS as an identity provider for SharePoint.

In this blog I will explain the remaining 2 steps:

Step 2: Configure a Claims based Web Application

A claims-based SharePoint web application can be configured using Windows PowerShell. The steps are as follows:

  1. From the Windows PowerShell command prompt (PS C:\>), create an X509Certificate2 object using the following code:

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("path to cert file")

  2. Create a claim type mapping to use in your trusted authentication provider, storing it in $map1 so that the later steps can reference it, using the following code:

$map1 = New-SPClaimTypeMapping "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming

  3. Create a trusted login provider by first creating a value for the realm parameter using the following code:

$realm = "https://sitename/_trust/"

  4. Create a value for the signinurl parameter that points to the Security Token Service web application using the following code:

$signinurl = "https://sitename/adfs/ls/"

  5. Create the trusted login provider, using the same IdentifierClaim value as in a claim mapping ($map1.InputClaimType), using the following code:

$ap = New-SPTrustedIdentityTokenIssuer -Name "Adfs" -Description "Windows® Identity Foundation" -Realm $realm -ImportTrustCertificate $cert -ClaimsMappings $map1[,$map2..] -SignInUrl $signinurl -IdentifierClaim $map1.InputClaimType

Complete script:

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\226Cert.cer")

$map1 = New-SPClaimTypeMapping "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming

$realm = "https://sitename/_trust/"

$signinurl = "https://servername/adfs/ls/"

$ap = New-SPTrustedIdentityTokenIssuer -Name "Adfs" -Description "Windows Identity Foundation" -Realm $realm -ImportTrustCertificate $cert -ClaimsMappings $map1 -SignInUrl $signinurl -IdentifierClaim $map1.InputClaimType


Root Certificate Authority:

The certificate exported earlier in Step 1 is added as a root certificate in Central Administration via the UI.
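Once the issuer and the root certificate are in place, the trust can be checked from the SharePoint 2010 Management Shell. The following is an added example, not part of the original post: a read-only check of the issuer named "Adfs" from the complete script. The 30-day expiry warning, the 2048-bit key threshold, and the idea that the Step 1 certificate is the token-signing certificate are assumptions.

```powershell
# Added example (not from the original post): read-only checks on the trust created above.
# Run in the SharePoint 2010 Management Shell on a farm server.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$issuerName    = "Adfs"   # issuer name from the complete script
$expectedClaim = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
$warnDays      = 30       # assumption: warn this many days before the certificate expires

$issuer   = Get-SPTrustedIdentityTokenIssuer -Identity $issuerName -ErrorAction Stop
$cert     = $issuer.SigningCertificate
$now      = Get-Date
$findings = @()

# 1. Token-signing certificate: validity window and key size (2048 is an assumed minimum)
if ($now -lt $cert.NotBefore) {
    $findings += "Signing certificate is not valid until $($cert.NotBefore)"
} elseif ($now -gt $cert.NotAfter) {
    $findings += "Signing certificate expired on $($cert.NotAfter)"
} elseif ($cert.NotAfter -lt $now.AddDays($warnDays)) {
    $findings += "Signing certificate expires within $warnDays days ($($cert.NotAfter))"
}
if ($cert.PublicKey.Key.KeySize -lt 2048) {
    $findings += "Signing key is smaller than 2048 bits"
}

# 2. Sign-in redirects and tokens should only travel over TLS
if ($issuer.ProviderUri.Scheme -ne "https") {
    $findings += "SignInUrl is not HTTPS: $($issuer.ProviderUri)"
}
if ($issuer.DefaultProviderRealm -like "http://*") {
    $findings += "Realm is a plain HTTP URL: $($issuer.DefaultProviderRealm)"
}

# 3. The identifier claim should be the mapping created in the script
$idClaim = $issuer.IdentityClaimTypeInformation.InputClaimType
if ($idClaim -ne $expectedClaim) {
    $findings += "Unexpected identifier claim: $idClaim"
}

# 4. Assumption: the certificate exported in Step 1 is this signing certificate,
#    so its thumbprint should appear among the farm's trusted root authorities.
$root = Get-SPTrustedRootAuthority | Where-Object { $_.Certificate.Thumbprint -eq $cert.Thumbprint }
if (-not $root) {
    $findings += "Signing certificate $($cert.Thumbprint) is not a trusted root authority"
}

if ($findings.Count -eq 0) { "OK: no findings for issuer '$issuerName'" } else { $findings | ForEach-Object { "FINDING: $_" } }
```

If the token-signing certificate was issued by a certification authority rather than self-signed, check 4 should be applied to the certificates in its chain instead.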

Step 3: Change the authentication for SharePoint Web Application
  • Go to Central Administration and open the Manage Web Applications page under Application Management.
  • Select the web application you created.
  • Click Authentication Providers, then click Claims Based Authentication.
  • In the dialog box, scroll through the authentication providers and select Trusted Identity Providers.
  • That will enable the Adfs provider which we created in the earlier step.
  • Select the provider and click OK.
  • Create a site collection in the web application.
  • To add the site collection administrator, click on the People Picker and type the complete email address of the user.
  • Now you should be able to choose between Windows Authentication and Adfs as the authentication provider when you browse the site.
  • You can remove Windows authentication from the Authentication Providers if you don't need it.

Now you have a SharePoint web application set up with ADFS as the identity provider.
