#################################################################################################################################
# SharePoint Trusted Identity Token Issuer Realm Configuration for Web Applications                                            #
#                                                                                                                               #
# Usage - This script is used to add a realm and URL to, or remove them from, an existing Trusted Identity Token Issuer        #
#                                                                                                                               #
# Parameters                                                                                                                    #
# $Realm    - This is the realm name given by or agreed with the ping team for this connection.                                 #
#             SP team will decide what the realm should be                                                                      #
# $Identity - This is the name given to the base Trusted Identity Token Issuer, which is shown                                  #
#             under claims providers in SP.                                                                                     #
# $Uri      - This is the URL of the web application.                                                                           #
#################################################################################################################################
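# Load the SharePoint cmdlets. SilentlyContinue is deliberate best-effort: if the snap-in
# cannot be loaded, the Get-SPTrustedIdentityTokenIssuer call below fails and is reported there.
Add-PSSnapin -Name Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
Write-Host -ForegroundColor Yellow "`r`nInitializing SharePoint Trusted Identity Token Issuer Provider realm Setup....`r`n"

# Settings for this run: the realm to map, the token issuer to change and the web application URL.
$Realm     = "urn:rp:spteamsite"
$Identity  = "sts-adfs-teamsite"
$WebAppUrl = "https://teamsite.contoso.com"

# Asks the operator to confirm a realm change. Returns $true only when "Yes" is chosen.
Function Confirm-RealmChange([String]$Title, [String]$Message, [String]$YesHelp, [String]$NoHelp)
{
    $Yes = New-Object System.Management.Automation.Host.ChoiceDescription "&Yes", $YesHelp
    $No  = New-Object System.Management.Automation.Host.ChoiceDescription "&No", $NoHelp
    $Options = [System.Management.Automation.Host.ChoiceDescription[]]($Yes, $No)
    # Default choice is "No" (index 1): this edits a federation trust setting, so a stray
    # Enter key must not change it.
    return ($Host.UI.PromptForChoice($Title, $Message, $Options, 1) -eq 0)
}

# Check if the identity of the Trusted Identity Token Issuer can be confirmed
Try
{
    $Uri = New-Object System.Uri($WebAppUrl)
    # -ErrorAction Stop turns a non-terminating cmdlet error into one that Catch can see;
    # without it a failed lookup leaves $TokenIssuer empty and the script fails later on.
    $TokenIssuer = Get-SPTrustedIdentityTokenIssuer -Identity $Identity -ErrorAction Stop
    If ($null -eq $TokenIssuer) { Throw "no Trusted Identity Token Issuer was returned" }
}
Catch
{
    Write-Host -ForegroundColor DarkRed "`r`nError while fetching Trusted Identity Token Issuer($Identity) : $($_)"
    return
}

# ProviderRealms is keyed by web application URL, and Add/Remove below work on that key,
# so the decision is made on the URL rather than on whether the realm value appears anywhere.
$Realms = $TokenIssuer.ProviderRealms

If ($Realms.ContainsKey($Uri))
{
    $MappedRealm = $Realms[$Uri]

    # The URL is already mapped to another realm. Do not offer to remove or overwrite it:
    # the operator's expectation and the farm's configuration disagree, which needs a human look.
    # -cne keeps the comparison case-sensitive.
    If ($MappedRealm -cne $Realm)
    {
        Write-Host -ForegroundColor DarkYellow "`r`nThe Url $($Uri.AbsoluteUri) is already mapped to realm $MappedRealm (not $Realm) under Trusted Identity Store : $Identity ,no action taken.`r`n"
        return
    }

    $Title   = "`r`nRemove $Realm from Trusted Identity Token Issuer"
    $Message = "Do you want to remove realm: $Realm and Url: $($Uri.AbsoluteUri) from the base Token Issuer : $Identity ?"
    If (Confirm-RealmChange $Title $Message "Remove existing provider." "No, do not remove the realm.")
    {
        Try
        {
            # Remove() returns $false when the key was not present; only persist on success.
            If ($Realms.Remove($Uri))
            {
                $TokenIssuer.Update()
                Write-Host -ForegroundColor DarkGreen "`r`nUpdate complete: Realm($Realm) removed from Trusted Identity Token Issuer: $Identity`r`n"
            }
            Else
            {
                Write-Host -ForegroundColor DarkYellow "`r`nThe given realm $Realm does not exist under Trusted Identity Store : $Identity ,no action taken.`r`n"
            }
        }
        Catch { Write-Host -ForegroundColor DarkYellow "`r`nCould not remove $Realm due to : $($_)`r`n" }
    }
    Else
    {
        Write-Host -ForegroundColor Yellow "`r`nNo action taken"
    }
}
Else
{
    $Title   = "`r`nAdd new Realm to Trusted Identity Token Issuer"
    $Message = "Do you want to add realm: $Realm and Url: $($Uri.AbsoluteUri) to the base provider : $Identity ?"
    If (Confirm-RealmChange $Title $Message "Add new provider." "No, do not add new provider.")
    {
        Try
        {
            # The key is known to be absent (checked above), so no duplicate-key handling
            # based on the text of an exception message is needed here.
            $Realms.Add($Uri, $Realm)
            $TokenIssuer.Update()
            Write-Host -ForegroundColor DarkGreen "`r`nUpdate complete: Realm($Realm) added to Trusted Identity Token Issuer: $Identity`r`n"
        }
        Catch { Write-Host -ForegroundColor DarkYellow "`r`nCould not add $Realm due to : $($_)`r`n" }
    }
    Else
    {
        Write-Host -ForegroundColor Yellow "`r`nNo action taken"
    }
}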