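# Requires the MSOnline module and an authenticated session.
Import-Module MSOnline
Connect-MsolService

# Domain to federate. Placeholder value, replace with your own domain.
$domainName = "example.com"

# If you want to automate getting the domain SSO metadata see https://developers.google.com/admin-sdk/admin-settings/#managing_single_sign-on_settings
[xml]$idp = Get-Content "C:\Path\to\xml\GoogleIDPMetadata-$domainName.xml"
$activeLogonUri = "https://login.microsoftonline.com/login.srf"
# Base64 signing certificate from the IdP metadata, with surrounding whitespace trimmed
$signingCertificate = ($idp.EntityDescriptor.IDPSSODescriptor.KeyDescriptor.KeyInfo.X509Data.X509Certificate | Out-String).Trim()
$issuerUri = $idp.EntityDescriptor.entityID
# Both the sign-out and the passive sign-in URI use the first SingleSignOnService location in the metadata
$logOffUri = $idp.EntityDescriptor.IDPSSODescriptor.SingleSignOnService.Location[0]
$passiveLogOnUri = $idp.EntityDescriptor.IDPSSODescriptor.SingleSignOnService.Location[0]
# Switch the domain to federated authentication against the IdP described by the metadata
Set-MsolDomainAuthentication `
    -DomainName $domainName `
    -FederationBrandName $domainName `
    -Authentication Federated `
    -PassiveLogOnUri $passiveLogOnUri `
    -ActiveLogOnUri $activeLogonUri `
    -SigningCertificate $signingCertificate `
    -IssuerUri $issuerUri `
    -LogOffUri $logOffUri `
    -PreferredAuthenticationProtocol "SAMLP"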
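
A pre-flight check that can run before `Set-MsolDomainAuthentication`, as an added example that is not part of the original gist. It validates the same metadata fields the script reads (entityID, SingleSignOnService locations, signing certificate); the function name `Test-IdpMetadata`, the 30-day expiry margin and the sample path are assumptions.

```powershell
# Added example, not from the original gist. Test-IdpMetadata is a hypothetical helper name.
function Test-IdpMetadata {
    param(
        [Parameter(Mandatory)] [xml]$Metadata,
        [int]$MinDaysValid = 30   # assumed safety margin before certificate expiry
    )
    $problems = @()
    $entity = $Metadata.EntityDescriptor
    $sso    = $entity.IDPSSODescriptor
    if ([string]::IsNullOrWhiteSpace($entity.entityID)) { $problems += "entityID is missing" }

    # The script sends sign-in and sign-out to these locations, so each must be an https URL.
    foreach ($loc in @($sso.SingleSignOnService.Location)) {
        $uri = $null
        if (-not [uri]::TryCreate([string]$loc, [System.UriKind]::Absolute, [ref]$uri) -or $uri.Scheme -ne 'https') {
            $problems += "SingleSignOnService location is not an absolute https URL: '$loc'"
        }
    }

    # Out-String in the script would join several certificates into one string,
    # so require exactly one X509Certificate element.
    $certs = @($sso.KeyDescriptor.KeyInfo.X509Data.X509Certificate | Where-Object { $_ })
    $cert = $null
    if ($certs.Count -ne 1) {
        $problems += "expected exactly 1 signing certificate, found $($certs.Count)"
    } else {
        try {
            $bytes = [Convert]::FromBase64String(([string]$certs[0] -replace '\s', ''))
            $cert  = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($bytes)
            $now   = Get-Date
            if ($cert.NotBefore -gt $now) { $problems += "certificate is not valid until $($cert.NotBefore)" }
            if ($cert.NotAfter -lt $now.AddDays($MinDaysValid)) {
                $problems += "certificate expires $($cert.NotAfter), inside the ${MinDaysValid}-day margin"
            }
        } catch {
            $problems += "signing certificate does not parse: $($_.Exception.Message)"
        }
    }
    [pscustomobject]@{
        EntityId   = $entity.entityID
        Thumbprint = if ($cert) { $cert.Thumbprint } else { $null }  # compare out of band
        NotAfter   = if ($cert) { $cert.NotAfter } else { $null }
        Problems   = $problems
    }
}

# Usage. The path is a constructed placeholder for the downloaded IdP metadata file.
[xml]$idp = Get-Content -Raw "C:\Path\to\xml\GoogleIDPMetadata-example.com.xml"
$check = Test-IdpMetadata -Metadata $idp
$check
if ($check.Problems.Count -gt 0) { throw "IdP metadata failed pre-flight checks; domain authentication left unchanged." }
```

After the domain is switched, `Get-MsolDomainFederationSettings -DomainName $domainName` shows the stored issuer, URIs and certificate for comparison against these values.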