Force non-WIA to ADFS or external Trust

Dec 15, 2011 at 6:02 PM

There's a trick to get this to work when using ADFS. The default behaviour of this solution redirects to a non-existing page /_forms/login.aspx or something like that.

This is what I ended up doing to get it to work:

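# Setup: load the ClaimsSignInAdmin snap-in
Add-PSSnapin ClaimsSignInAdmin

# Get the authentication providers configured on the web application
$ap = Get-SPAuthenticationProvider -WebApplication http://portal.contosotest.com

# Get the sign-in configuration for the web application
$signInconfig = Get-SPSignInConfiguration http://portal.contosotest.com

# Clear the existing configuration
$signInconfig.Clear()

# Point the default sign-in page at the ADFS trust page instead of the forms login page
$signInconfig.SingInPageMappings.Add("default", "/_trust/default.aspx?trust=ADFSProvider1")

# Map the local and internal address patterns to the first authentication provider
$signInconfig.AddProviderMapping("127.0.0.*", $ap[0].DisplayName)
$signInconfig.AddProviderMapping("192.168.72.*", $ap[0].DisplayName)

# Save the configuration
$signInconfig.Update()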