Comments (9)

  1. SpatDSG says:

    great post! Great to see an SP ident based blog out here 🙂

    Question: Can I configure SharePoint 2010 to use a different RP-STS, other than the one which is built into SharePoint?

    Scenario:

    I already have a Geneva RP-STS setup and want to centralize configuration and operations around the existing infrastructure. This RP-STS already has an existing federated trust relationship with the partners' (many of them) IP-STS.

    thanks!

    Spat

  2. SPIdentity says:

    We totally expect #sp2010 to be used with another RP-STS. That is where you would do major trust management, policy management, claims transforms, etc.

    We use a built-in STS because we need it to make cross-machine web service calls (aka Shared Service calls) as well as external web services (via BCS/External Content Types).

  3. Naveen Babu says:

    ADFS 2.0 Server :

        — Configured Live ID through SAML as Relying Party

        — Configured SP 2010 as another RP

        — may have more RPs for different partners…etc (nothing as of now)

    SharePoint 2010:

        — Configured EDSTS as Identity Provider (Thanks for this blog, it helped a lot)

    Now I am looking at using Live ID authentication at my SharePoint 2010 site via ADFS 2.0. Any help on configurations?

  4. Gopalakrishnan says:

    Is it possible to do these steps using Central Admin UI instead of PS scripts?

  5. SPIdentity says:

    We are working on an article about LiveID, please stay tuned …

    Regarding the question about Central Admin UI: Establishing a trust is not possible via Central Admin UI. Enabling a trusted IP-STS in a web application or extended web application can be done in Central Admin UI as well as PowerShell.

  6. Chun Liu says:

    Can I create a claim mapping with a reserved claim type like "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" ?

  7. jfuentes says:

    Hi there,

    I am working on a project where this could make things a lot clearer. They have AD resources like Exchange and other resources that would authenticate via CBA.

  8. Stickjam says:

    Great stuff, but please bring on the information about LiveID.  We're dying in suspense out here!  🙂