Export (0) Print
Expand All

Configuring SharePoint AAM applications with AD FS

Published: January 11, 2010

Updated: February 1, 2011

Applies To: Unified Access Gateway

This topic describes how to configure your SharePoint alternate access mapping (AAM) application and Active Directory Federation Services (AD FS) server to allow users to access your SharePoint AAM application using AD FS.

  1. Configure your SharePoint server to use Web SSO authentication using AD FS as described in Configure Web SSO authentication by using ADFS (Office SharePoint Server) http://go.microsoft.com/fwlink/?LinkID=180365.

    noteNote:
    In the procedure “Allowing users access to your extranet Web site”, in step 4.e, add the organization claim name exactly as it is configured on the AD FS server.

    In step 7, use the XML from Single sign on XML.

  2. Create the SharePoint application in AD FS as a claims-aware application (use the external hostname of the SharePoint application as the application URL). For more information, see Add a New Claims-Aware Application to the Federation Service http://go.microsoft.com/fwlink/?LinkId=180366.

  3. Configure the Cookie Domain field as described in To configure IIS and the AD FS Web Agent.

Valid XML for allowing users access to your extranet Web site is shown below:

<membership defaultProvider="SingleSignOnMembershipProvider2">
<providers>
<add name="SingleSignOnMembershipProvider2" type="System.Web.Security.SingleSignOn.SingleSignOnMembershipProvider2, System.Web.Security.SingleSignOn.PartialTrust, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="SingleSignOnRoleProvider2">
<providers>
<add name="SingleSignOnRoleProvider2" type="System.Web.Security.SingleSignOn.SingleSignOnRoleProvider2, System.Web.Security.SingleSignOn.PartialTrust, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</providers>
</roleManager>
<websso>
<authenticationrequired />
<auditlevel>55</auditlevel>
<urls>
<returnurl>https://your_application</returnurl>
</urls>
<fs>https://fs-server/adfs/fs/federationserverservice.asmx</fs>
<isSharePoint />
</websso>

noteNote:
Make sure that you enter your own values for <returnurl>https://your_application</returnurl> and <fs>https://fs-server/adfs/fs/federationserverservice.asmx</fs>.

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft