The Power of POSH and Get-Help

If you ever find yourself yearning to break into Powershell for extending your technological tendrils into areas normally reserved for C++ or C# developers then you’ll want to leverage the Power of the Get-Help Powershell cmdlet. Example: Let’s say you want to list all and any cmdlets that contain ‘ADFS’ or that mention ‘ADFS’ anywhere in…

0

Installing ADFS 2.1 on Windows Server 2012 with Windows Internal Database fails if local GPO granting User Rights is overwritten at the Domain or OU-level

During the installation of ADFS 2.1 on Windows Server 2012 the Add-Role wizard grants the local virtual account NT SERVICEMSSQL$MICROSOFT##WID that runs the WID service ‘Log on as a service’ user rights via the Local Group policy. If the Local Group Policy that grants the user rights is overwritten by a GPO with a higher priority that also defines User Rights the…

0

Upgrading from ADFS 2.0 to ADFS 2.1

[Note: this is a shortcut variation on the steps in the Technet article on http://technet.microsoft.com/en-us/library/jj134039.aspx and should for now only be used in lab scenarios as it hasn’t been officially tested by the PG’s] The short version;  Add the AD FS role on Windows Server 2012, choose to add it to an existing farm. Make the new…

2

Fiddling with ADFS – end the infinite authentication loop

While working at a customer site the other day I was reminded of an article by Eric Lawrence on why you sometimes start seeing endless pop-up windows asking for credentials when using Fiddler to decrypt HTTPS traffic during troubleshooting. In short; If the web server has Extended Protection for Authentication enabled then it detects that…

0