Custom ADFS 2 rule to add group names in Claim token

Setup: ADFS 2.0 server configured.

Problem: The default rule “Send LDAP attributes as Claims” adds the sAMAccountName attribute for every group to the Claim token. If the group name and sAMAccountName are different, you need custom rules to populate the Claim with group names.

Solution: Create the following two custom rules:

Add new realm to existing trusted identity provider in SharePoint 2010/2013

Setup: You have a SharePoint farm with a web application configured to use ADFS 2.0 for authentication via a Trusted Identity Provider.

Problem: You want to add another web application to this SharePoint farm and configure its authentication via ADFS.

Solution: Open SharePoint PowerShell and issue the following commands: where appname is the alias of your […]

Enable ADFS 2.0 debug log

Setup: ADFS 2.0 Federation server.

Problem: You need to troubleshoot authentication issues and check the claims sent to the RP.

Solution: Run the following command from a command prompt: Open Event Viewer, click the View menu and select Show Analytic and Debug Logs. This must be enabled for the AD FS 2.0 Tracing log to […]
