Add claims with claim name..

Just a reminder to self.. Wanted to add multiple claims and needed to also have the name specified – not sure where this was documented but here it is anyway – maybe i overlooked it somewhere.   $claim_PrimarySID = New-AdfsClaimRuleSet -ClaimRule ‘@RuleName = “Pass through GroupSID” c:[Type == “http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid”] => issue(claim = c);’ $claim_GroupSid =…

0

Exchange 2013 SP1: OWA native support for ADFS!

It’s been a long time coming but we finally have native support for ADFS authentication for OWA and ECP. Native means no more hacking away at the web.config , messing with fedutil etc.. etc.. It’s all built into two commands: -Set-OrganizationConfig –> set the token signing cert, ADFS issuer and AudienceURIs-Set-EcpVirtualDirectory and Set-OWAVirtualDirectory -AdfsAuthentication See…

5

Timeouts or delays connecting to WinRM

  Ran into an interesting issue the other day where WinRM connections were taking 15-20s per connection to the domain controllers and due to many connections from an automation system, connections would backup and then fail. The only real hint we had was from the WinRM logs: logman.exe start winrm -p Microsoft-Windows-Winrm -o winrm.etl –ets…

0