SharePoint via ADFS - Any SharePoint Functionality Impacted
09-10-2020
Question
We are exploring federating our on-premise SharePoint instance via ADFS -- there are many excellent technical SharePoint/ADFS guides available.
Is there a list of SharePoint functionality that may be lost if a user accesses via ADFS instead of via Active Directory?
Some thoughts: network drive mapping may not be available.
Answer
There are a couple of things which I experienced.
- You have to write a custom claims provider in order to properly add users; without it SharePoint accepts everything you type in the people picker.
- You need NTLM authentication in the default zone for search crawling. The search crawler is not aware of SAML claims.
- If the default zone has both authentication types (NTLM & ADFS), then chances are a user can set permissions using ADFS & NT credentials. But with a custom claims provider you can restrict it.
- If the default zone uses NTLM and is extended with ADFS, then there are issues with Alerts, because Alerts use the default zone URL.
Also
- Search service will experience a lot of issues with ADFS crawling.
- You will use Active Directory Import for User Profile, which also has a limitation as compared to User Profile Sync.
- Unable to trust workflows that require Tenant Admin rights (another limitation of SAML).
- A few of the EE services are not SAML compatible, i.e. Visio, PowerPivot, SQL SR
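
An added example, not part of the original answer: a PowerShell audit that lists which authentication providers each zone has enabled and flags the zone layouts described above. It assumes the SharePoint Management Shell on a farm server with PowerShell 3 or later, and it treats any trusted identity token issuer as the ADFS provider; the finding texts paraphrase the answer.

```powershell
# Added example: run in the SharePoint Management Shell on a farm server (assumption).
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$winType     = [Microsoft.SharePoint.Administration.SPWindowsAuthenticationProvider]
$trustedType = [Microsoft.SharePoint.Administration.SPTrustedAuthenticationProvider]

# Only claims-mode web applications have per-zone authentication providers
foreach ($wa in Get-SPWebApplication | Where-Object { $_.UseClaimsAuthentication }) {

    # For every zone that exists on this web application, record the provider kinds
    $zones = foreach ($zone in $wa.IisSettings.Keys) {
        $p = @(Get-SPAuthenticationProvider -WebApplication $wa -Zone $zone)
        [pscustomobject]@{
            Zone    = $zone
            Windows = [bool]($p | Where-Object { $_ -is $winType })
            # Assumption: a trusted identity token issuer here means ADFS/SAML
            Trusted = [bool]($p | Where-Object { $_ -is $trustedType })
        }
    }

    $default  = $zones | Where-Object { $_.Zone -eq 'Default' }
    $extended = $zones | Where-Object { $_.Zone -ne 'Default' -and $_.Trusted }
    $findings = @()

    if ($default -and -not $default.Windows) {
        $findings += 'Default zone has no Windows (NTLM) provider: search crawling is affected'
    }
    if ($default -and $default.Windows -and $default.Trusted) {
        $findings += 'Default zone has both Windows and ADFS: permissions can be set with ' +
                     'either identity unless a custom claims provider restricts it'
    }
    if ($default -and $default.Windows -and -not $default.Trusted -and $extended) {
        $findings += 'ADFS only on an extended zone: Alerts use the default zone URL'
    }

    [pscustomobject]@{
        WebApplication = $wa.Url
        Zones          = ($zones | ForEach-Object {
                             '{0}(Windows={1},Trusted={2})' -f $_.Zone, $_.Windows, $_.Trusted
                         }) -join ' '
        Findings       = $findings -join '; '
    }
}
```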
Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange