AD FS 2.0 for Windows PowerShell Basics
Applies To: Active Directory Federation Services (AD FS) 2.0
After you run Setup for Active Directory Federation Services (AD FS) 2.0, the AD FS 2.0 snap-in for Windows PowerShell is registered and available for use. To confirm that the Windows PowerShell cmdlets for AD FS 2.0 are ready, use the following procedure to verify that the AD FS 2.0 module is registered with Windows PowerShell
To verify that the AD FS 2.0 snap-in is registered with Windows PowerShell
Open Windows PowerShell.
To open Windows PowerShell, click Start, then click Run and then type "powershell' and then press ENTER.
At the Windows PowerShell command prompt, type the following command, and then press ENTER:
Get-PSSnapin –RegisteredIf AD FS 2.0 Setup has been run previously, you should see the following command-line output:
Name : Microsoft.Adfs.PowerShell PSVersion : 1.0 Description : This PowerShell snap-in contains cmdlets used to manage Microsoft Identity Server resources.
After you confirm that the snap-in is registered, you can use the following procedure to add the AD FS 2.0 snap-in to your current Windows PowerShell session. This enables you to use AD FS 2.0 cmdlets i in any of your Windows PowerShell scripts.
To add the AD FS 2.0 snap-in to a Windows PowerShell session
At the Windows PowerShell command prompt, type the following command, and then press ENTER:
Add-PSSnapin Microsoft.Adfs.PowerShell
After the AD FS 2.0 snap-in is added, you can get additional cmdlet Help by using the Get-Help cmdlet.
You can set the AD FS 2.0 snap-in to be loaded automatically by adding it to your Windows PowerShell profile. Complete the following procedure to add the AD FS 2.0 snap-in to your Windows PowerShell profile. A Windows PowerShell profile allows you to store and retain aliases, functions and variables for use in later sessions. For more information about Windows PowerShell profiles, see Windows PowerShell Profiles (https://go.microsoft.com/fwlink/?LinkId=178269).
To load the AD FS 2.0 snap-in automatically when Windows PowerShell launches
Open your preferred profile for editing. For example, at the Windows PowerShell command prompt, type the following command, and then press ENTER:
notepad $profileUsing Notepad, type or paste the following command into the profile:
Add-PSSnapin Microsoft.Adfs.PowerShellSave the profile, and exit Notepad.
If you have not done so already, to allow local unsigned scripts to be run in Windows PowerShell, at the Windows PowerShell command prompt, type the following command, and then press ENTER:
Set-ExecutionPolicy RemoteSigned
Note
To run any of the AD FS 2.0 cmdlets, you must have administrative credentials. To ensure that you have the proper credentials, when you open a Windows PowerShell command prompt window, select the Run as Administrator option.
All AD FS 2.0 cmdlets are named with "ADFS" as a prefix. This makes it possible for you to list all of them by using the following procedure.
To list all the AD FS 2.0 cmdlets for Windows PowerShell
To view a list of all the AD FS 2.0 cmdlets, at the Windows PowerShell command prompt, type the following command, and then press ENTER:
Get-Command *-ADFS*To list all the cmdlets that are supported for a particular AD FS 2.0 resource, at the Windows PowerShell command prompt, type the following command, and then press ENTER:
Get-Command *-ADFS<object_name>Where
<object_name>is the name of the cmdlet object that you want Help for.
To get Help for the AD FS 2.0 cmdlets for Windows PowerShell
For example, to get Help for working with AD FS 2.0 properties, type the following command, and then press ENTER:
Get-Help *-ADFSProperties*To get Help for a specific cmdlet, use the following command format:
Get-Help <verb>-ADFS<object_name>For example, to get Help for the Set-ADFSProperties cmdlet, at the Windows PowerShell command prompt, type the following command, and then press ENTER:
Get-Help Set-ADFSProperties