Question

Here is my situation: we are developing a SharePoint portal that should be accessed from multiple different domains, and users from different domains should not enter their credentials. As far as I know, if the domains are trusted, then there is nothing to configure in SharePoint; we can choose people from different domains in People Picker, so it is OK.

But the domains I am talking about are not trusted; however, I have been told that there is a federation service (I think ADFS) in these domains.

So what can I do to let people from different domains access the portal without entering a username/password?

Besides, I don't know much about the ADFS concept or the ADFS-SharePoint relation.

Thanks in advance for any kind of information.


Solution

You should understand the concept of Authentication Providers in SharePoint, which makes use of claims-based authentication. For your requirement you need to implement SSO for your application, which would be done by the STS in SharePoint 2010. You need to implement and get the SAML 2.0 token from the identity provider (that is, the 3rd-party network) and convert it to a SAML 1.1 token, because SharePoint does not understand SAML 2.0. So you need to write code for this conversion. Then run the PowerShell scripts so that your web application can trust the claims. http://technet.microsoft.com/en-us/library/ff607753.aspx

I suggest writing the code for the conversion and trying to run it in IIS. If the conversion is fine, make it work for the web application by running the PowerShell scripts. I referred to the link below to implement this: http://sharepointdragons.com/2012/02/27/saml-2-in-sharepoint-2010/
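The trust-registration step that the PowerShell scripts mentioned above perform, shown as an added example that is not part of the original answer or of the linked articles. It assumes the web application is already in claims mode and that the issuer is an AD FS 2.0 server reached over its WS-Federation sign-in endpoint; the certificate path, thumbprint, realm, URLs and issuer name are placeholders.

```powershell
# Run in the SharePoint 2010 Management Shell on a farm server.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Placeholder values (assumptions, not taken from the original post).
$certPath      = "C:\certs\adfs-token-signing.cer"       # exported token-signing certificate
$expectedThumb = "<THUMBPRINT-CONFIRMED-OUT-OF-BAND>"    # obtained from the partner by a separate channel
$realm         = "urn:sharepoint:portal"                 # must match the relying-party identifier on the STS
$signInUrl     = "https://adfs.example.com/adfs/ls/"     # WS-Federation passive endpoint
$webAppUrl     = "https://portal.example.com"

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certPath)

# Everything signed by this certificate will be accepted as a valid login,
# so refuse to register it unless it is the expected, unexpired one.
if ($cert.Thumbprint -ne $expectedThumb.Replace(" ", "").ToUpper()) {
    throw "Token-signing certificate thumbprint does not match the expected value."
}
if ($cert.NotAfter -lt (Get-Date)) {
    throw "Token-signing certificate expired on $($cert.NotAfter)."
}

# Add the signing certificate to the farm's trusted root authorities.
New-SPTrustedRootAuthority -Name "ADFS Token Signing" -Certificate $cert | Out-Null

# Map only the incoming claims SharePoint should consume.
$emailClaim = New-SPClaimTypeMapping `
    -IncomingClaimType "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" `
    -IncomingClaimTypeDisplayName "EmailAddress" -SameAsIncoming
$roleClaim = New-SPClaimTypeMapping `
    -IncomingClaimType "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" `
    -IncomingClaimTypeDisplayName "Role" -SameAsIncoming

# Register the issuer. The identifier claim becomes the user's identity in
# SharePoint, so it must be unique per user and asserted only by this STS.
$issuer = New-SPTrustedIdentityTokenIssuer -Name "ADFS" `
    -Description "Federated sign-in for partner domains" `
    -Realm $realm -ImportTrustCertificate $cert `
    -ClaimsMappings $emailClaim, $roleClaim `
    -SignInUrl $signInUrl -IdentifierClaim $emailClaim.InputClaimType

# Enable the issuer on one zone. This sets the zone's provider list, so pass
# the existing providers as well if they must stay enabled.
$provider = New-SPAuthenticationProvider -TrustedIdentityTokenIssuer $issuer
Set-SPWebApplication -Identity $webAppUrl -Zone Default -AuthenticationProvider $provider
```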

OTHER TIPS

You will need to understand Claims Authentication and how SAML + ADFS fits into a single authentication umbrella for authenticating users from multiple domains to a single SharePoint 2010 farm.

Configure AD FS v 2.0 in SharePoint Server 2010

Implementing Claims for SharePoint 2010

Custom Claims provider for people picker

Claims Based Identity & Access Control Guide from Microsoft: http://claimsid.codeplex.com/

Includes an appendix on SharePoint. But you should read the entire thing to understand the concepts. It is not a trivial exercise.

Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange