Step 1: Set Microsoft Office SharePoint Server 2007 to accept tokens from the Contoso federation server

Applies To: Active Directory Federation Services (AD FS) 2.0

Step 1: Set Microsoft Office SharePoint Server 2007 to accept tokens from the Contoso federation server

In this step, we reconfigure the SharePoint site that is installed on CONTOSOSRV02 so that it can accept tokens from AD FS 2.0:

• Configure the SharePoint site with a custom Role and Membership provider. The SharePoint site application code calls this Role and Membership provider to validate a user and role information and also get user information at invite and access time, such as the user name and what roles the user belongs to.

• Configure the SharePoint site to trust the Contoso Federation Service and accept security tokens from it.

To configure the SharePoint site to trust and use the Contoso federation server

1. Log on to the CONTOSOSRV02 computer as CONTOSO\Administrator with "demo!23" as the user password.

2. Click Start, All Programs, click Microsoft Federation Extensions for SharePoint, and then click Federation Utility for SharePoint 3.0.

3. For the Administrator Configuration file location, browse to c:\inetpub\wwwroot\wss\VirtualDirectories\37101 and select web.config, and then click Next.

4. For the Application configuration location, browse to c:\inetpub\wwwroot\wss\VirtualDirectories\docs.contoso.com443, and then select web.config.

5. For the application URI, type https://docs.contoso.com.

6. For SharePoint Security Zone for the Application, select Extranet, and then click Next.

7. For STS WS-Federation metadata document location, type https://sts1.contoso.com, and then click Next.

8. On the next screen, keep Disable certificate chain validation, and then click Next.

9. On the next screen, keep the No encryption option selected, and then click Next.

10. Click Next again, and then click Finish. After you click Finish, it will take few minutes to configure.

11. Click OK when the SharePoint site is fully configured.