Custom ADFS 2 rule to add group names in Claim token

Setup: ADFS 2.0 server configured.

Problem: The default rule “Send LDAP attributes as Claims” adds the sAMAccountName attribute of every group to the claim token. If a group's name and its sAMAccountName differ, you need custom rules to populate the claim with group names.

Solution: Create the following two custom rules:


Add new realm to existing trusted identity provider in SharePoint 2010/2013

Setup: You have a SharePoint farm with a web application configured to use ADFS 2.0 for authentication via a Trusted Identity Provider.

Problem: You want to add another web application to this SharePoint farm and configure its authentication via ADFS.

Solution: Open SharePoint PowerShell and issue the following commands: where appname is the alias of your […]


Enable ADFS 2.0 debug log

Setup: ADFS 2.0 Federation server.

Problem: You need to troubleshoot authentication issues and check the claims sent to the RP.

Solution: Run the following command from a command prompt: Open Event Viewer, click the View menu and select Show Analytic and Debug Logs. This must be enabled for the AD FS 2.0 Tracing log to […]
