Below is an example PowerShell script for configuring federated SSO for SharePoint: "claims-authn-sso-common.ps1"

#
# Common configuration part of PowerShell scripts for configuring federated SSO for SharePoint via the DualShield IdP
#

# Configuration
# Specify arbitrary name for remote Identity Provider
$idpName = "DualShield Federation"

# Specify name of existing Web application in SharePoint
$webApplicationName = "http://sp2013.qadomain.com"

# Specify relative name of file with PEM-encoded IdP certificate
# The file must be in the same folder as this script
$idpCertFile = "DualShieldIdP.crt"

# Specify relative name of file with PEM-encoded CA certificate
# The file must be in the same folder as this script
$caCertFile = "SSOServerCA.crt"

# Specify arbitrary name for trusted root CA to be created for IdP certificate
$idpTrustedRootCaName = "ca.qadomain.com"

# Specify the URL of DualShield IdP
$idpSigninUrl = "https://dualshield.qadomain.com:8074/appsso/wsfed/login/kvps/DASApplicationName/sharepoint/SPName/sharepoint"

  1. Enter the name of the SharePoint web application in "$webApplicationName".
  2. Specify the DualShield Authentication Server's IdP certificate name in "$idpCertFile".
  3. Specify the DualShield Authentication Server's SSO certificate name in "$caCertFile".
  4. Specify the DualShield Authentication Server's root CA certificate in "$idpTrustedRootCaName".
  5. For the "$idpSigninUrl", enter the text below: https://dualshield.qadomain.com:8074/appsso/wsfed/login/kvps/DASApplicationName/sharepoint/SPName/sharepoint
    Replace "dualshield.qadomain.com" with the FQDN of your DualShield server, the "sharepoint" after "DASApplicationName" with the application name of the SharePoint in your DualShield server, and the "sharepoint" after "SPName" with the Service Provider name of the SharePoint in your DualShield server.
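
A pre-flight check for the values set in the steps above, given as an added example that is not part of the DualShield scripts. Test-FederationConfig is a hypothetical helper name; the example assumes it is saved in the same folder as "claims-authn-sso-common.ps1" and that the CA certificate is the issuer of the IdP certificate.

```powershell
# Added example: Test-FederationConfig is a hypothetical helper, not part of the DualShield scripts.
function Test-FederationConfig {
    param([string]$IdpCertFile, [string]$CaCertFile, [string]$IdpSigninUrl,
          [string]$BaseDir = $PSScriptRoot)
    $problems = @()
    $certs = @{}
    foreach ($file in @($IdpCertFile, $CaCertFile)) {
        $path = Join-Path $BaseDir $file
        if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
            $problems += "$file not found in $BaseDir"; continue
        }
        # The common script expects PEM encoding, which always carries this header line.
        if (-not (Select-String -LiteralPath $path -SimpleMatch -Quiet -Pattern '-----BEGIN CERTIFICATE-----')) {
            $problems += "$file is not PEM-encoded"; continue
        }
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $path
        $now = Get-Date
        if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
            $problems += "$file is outside its validity period ($($cert.NotBefore) to $($cert.NotAfter))"
        }
        $certs[$file] = $cert
    }
    if ($certs.ContainsKey($IdpCertFile) -and $certs.ContainsKey($CaCertFile)) {
        $ca = $certs[$CaCertFile]
        # Build the chain offline against the supplied CA only; it need not be in the Windows store yet.
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        [void]$chain.ChainPolicy.ExtraStore.Add($ca)
        $chain.ChainPolicy.RevocationMode = 'NoCheck'
        $chain.ChainPolicy.VerificationFlags = 'AllowUnknownCertificateAuthority'
        $built = $chain.Build($certs[$IdpCertFile])
        $hit = $chain.ChainElements | Where-Object { $_.Certificate.Thumbprint -eq $ca.Thumbprint }
        if (-not $built -or -not $hit) {
            $problems += "$IdpCertFile does not chain to $CaCertFile ($($chain.ChainStatus.Status -join ', '))"
        }
    }
    $uri = $null
    if (-not [System.Uri]::TryCreate($IdpSigninUrl, [System.UriKind]::Absolute, [ref]$uri)) {
        $problems += "idpSigninUrl is not an absolute URL"
    } elseif ($uri.Scheme -ne 'https') {
        $problems += "idpSigninUrl must use https"
    } elseif ($uri.AbsolutePath -notmatch '^/appsso/wsfed/login/kvps/DASApplicationName/[^/]+/SPName/[^/]+$') {
        $problems += "idpSigninUrl path does not follow /kvps/DASApplicationName/<app>/SPName/<sp>"
    }
    return $problems
}
# Assumption: the common script only sets the configuration variables shown above.
. (Join-Path $PSScriptRoot 'claims-authn-sso-common.ps1')
$found = @(Test-FederationConfig -IdpCertFile $idpCertFile -CaCertFile $caCertFile -IdpSigninUrl $idpSigninUrl)
$found | ForEach-Object { Write-Warning $_ }
```

An empty result means the certificate files and the sign-in URL are consistent with the steps above; each warning names the setting to correct before the trust is registered in SharePoint.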

 

 

 
