Office Integration with MOSS and ADFS

Previously, Office Integration with SharePoint secured by forms-based authentication was not possible.  The new ability of the Office client applications in Office 2007 SP2 to perform a forms login helps to solve this problem.  You will need to install this post-SP2 fix to your client machines to gain this functionality.  What is needed…


ADFSDiag has been updated again!

The updated tool can be found here.  The attachment contains both 32- and 64-bit installers. A cool new feature, Claim Flow Analysis, has been added to this version.  I’ll write up a quick blog on how to use this feature soon.


Adding an ADFS Proxy Server

I’m going on an hour trying to get the screen shots formatted correctly.  Live Writer is making them too small.  I’ll just attach the Word document to the end if you want to see the pictures better.  I’m done messing around with this for now!  If you know what I’m doing wrong – please send…


Interesting problem when adding an ADFS Proxy

I am working on a blog post (step-by-step) for the Proxy component and I ran into a problem yesterday that ran me around pretty good.  We have seen this issue or variations of it on some support cases recently, so I thought the actual problem itself would make a good post. The problem is caused by permissions…


Using ADFS with Constrained Delegation

With ADFS – the authentication token issued is good for the web server with the agent installed.  It is a local RPC token and cannot go off the box.  With some additional configuration, you can configure ADFS to go off the box and delegate with a Kerberized back-end.  There are some caveats – namely, a…


Script to configure SharePoint to use ADFS authentication

More great tools by the ADFS team… Problems with the web.config files are one of the more common issues we see with ADFS/MOSS cases in PSS.  Now there is a script which will make the modifications for you. It is located on the SharePoint team blog and can be accessed here.

ADFS Diagnostic Tool

A huge thanks to the ADFS test team for developing such a great tool.  Here is a quick “how to”.  The tool is very simple to use and provides a graphical UI. In order to perform distributed diagnosis, i.e. diagnose failures based on the configuration of multiple machines in the scenario, it’s necessary to copy the out file…


Enabling debug logging for Claims Aware Applications

Place the following in your application's web.config file.  Place this after the </> section of the file.

    <system.diagnostics>
      <switches>
        <!-- Verbosity of the ADFS web agent debug trace -->
        <add name="WebSsoDebugLevel" value="15" />
      </switches>
      <trace autoflush="true" indentsize="3">
        <listeners>
          <!-- Log files are written to the directory given in initializeData -->
          <add name="ADFSLogListener" type="System.Web.Security.SingleSignOn.BoundedSizeLogFileTraceListener, System.Web.Security.SingleSignOn, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35, Custom=null" initializeData="c:\adfs\logs\" />
        </listeners>
      </trace>
    </system.diagnostics>

Update on configuring MOSS as a claims aware application

UPDATE: I’m not going to remove this blog or the original blog on the web.config entries – but I do want to make note that these web.config files should not be modified directly anymore.  Please use the SetupSharePointADFS.vbs file to configure the MOSS applications for the SSO Provider.  The script eliminates the possibility of…


ADFS Certificates – SSL, Token Signing, and Client Authentication Certs

  We are seeing quite a few support calls relating to certificate problems. Many of these are due to a misunderstanding of how the various certificates are used. ADFS/PKI issues are often very difficult to diagnose for the following reason – a lack of logging telling you what the problem is. For example – if…