I have been thinking about this for a little while, but finally found a reason to make it myself. If you have worked with the Windows Identity Foundation SDK in the past, you might have spotted a very handy utility called FedUtil.exe. If you installed the SDK in the default location, it is located in the “C:\Program Files (x86)\Windows Identity Foundation SDK\v3.5” folder. Or, if you are a developer, you might have noticed the “Update STS reference” button while working on a standard ASP.NET web application. This tool is great when you are working with ADFS 2.0 or any other standards-compliant identity provider. The utility configures the ASP.NET web application and produces relying party metadata, which can later be sent to the identity provider so that it too can be configured to issue claims to this relying party.
SharePoint is an ASP.NET web application; however, because of SharePoint-specific deployment scenarios, this tool is not very useful in a SharePoint context. So I have attempted to create a utility that could be used for similar purposes.
SPFedUtil.exe features as it stands today [4:40pm 12/05/2010]:
- Displays currently configured SharePoint trusted login providers
- Enables configuration of trusted login provider name and realm
- Federation metadata consumption from a server or file system
- Identity provider certificate verification and CA configuration
- Augmenting list of claims provided by identity provider with a CSV file
- Specifying SharePoint user identity claim type
- Specifying SharePoint claim provider for this trusted login provider
- SharePoint relying party metadata configuration, including contact and organization info
- Configures SharePoint trusted login provider using PowerShell (can be run from the util)
- Emailing of generated relying party metadata to identity provider technical contact
[4:44 21/05/2010] Update : bug fixed – Identity provider sign in URL not configured properly during SharePoint trusted provider setup. This now retrieves the sign in URL from the IdP metadata.
This is a beta tool and thus should be used with caution :D
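The configuration step described above (taking the sign-in URL and signing certificate from the IdP's federation metadata and registering a SharePoint trusted login provider) can also be done by hand in the SharePoint 2010 Management Shell. The following is an added example, not SPFedUtil's own code; the metadata path, provider name, realm, e-mail identity claim and thumbprint placeholder are assumptions. It refuses to continue unless the certificate in the metadata matches a thumbprint confirmed with the IdP out of band.

```powershell
# Added example (not SPFedUtil code). Run in the SharePoint 2010 Management Shell.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Assumed, hypothetical values: replace with your own.
$metadataPath  = 'C:\temp\FederationMetadata.xml'       # IdP metadata saved to disk
$providerName  = 'Contoso IdP'
$realm         = 'urn:sharepoint:portal'
$expectedThumb = '<THUMBPRINT-CONFIRMED-OUT-OF-BAND>'   # placeholder, obtain from the IdP admin
$emailType     = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'

[xml]$md = Get-Content -Path $metadataPath
$ns = New-Object System.Xml.XmlNamespaceManager($md.NameTable)
$ns.AddNamespace('md',  'urn:oasis:names:tc:SAML:2.0:metadata')
$ns.AddNamespace('fed', 'http://docs.oasis-open.org/wsfed/federation/200706')
$ns.AddNamespace('wsa', 'http://www.w3.org/2005/08/addressing')
$ns.AddNamespace('ds',  'http://www.w3.org/2000/09/xmldsig#')
$ns.AddNamespace('xsi', 'http://www.w3.org/2001/XMLSchema-instance')

# The STS role descriptor holds both the signing key and the passive sign-in endpoint.
$sts = $md.SelectSingleNode("//md:RoleDescriptor[contains(@xsi:type,'SecurityTokenServiceType')]", $ns)
if (-not $sts) { throw 'No SecurityTokenServiceType role descriptor found in metadata.' }

$signInUrl = $sts.SelectSingleNode('fed:PassiveRequestorEndpoint/wsa:EndpointReference/wsa:Address', $ns).InnerText
$certB64   = $sts.SelectSingleNode("md:KeyDescriptor[@use='signing']//ds:X509Certificate", $ns).InnerText
if (-not $signInUrl -or -not $certB64) { throw 'Metadata lacks a passive endpoint or a signing certificate.' }
if (-not $signInUrl.StartsWith('https://')) { throw "Sign-in URL is not HTTPS: $signInUrl" }

# Build the certificate object and pin it before anything is trusted.
$certBytes = [Convert]::FromBase64String($certB64)
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList @(,$certBytes)
if ($cert.Thumbprint -ne $expectedThumb) {
    throw "Signing certificate thumbprint $($cert.Thumbprint) does not match the expected value."
}

# Trust the token-signing certificate, map the identity claim, register the provider.
New-SPTrustedRootAuthority -Name "$providerName token signing" -Certificate $cert | Out-Null
$emailMap = New-SPClaimTypeMapping -IncomingClaimType $emailType `
    -IncomingClaimTypeDisplayName 'EmailAddress' -SameAsIncoming
New-SPTrustedIdentityTokenIssuer -Name $providerName -Description 'Configured from IdP federation metadata' `
    -Realm $realm -ImportTrustCertificate $cert -ClaimsMappings $emailMap `
    -SignInUrl $signInUrl -IdentifierClaim $emailType

# Confirm the stored sign-in URL matches what the metadata declared.
Get-SPTrustedIdentityTokenIssuer -Identity $providerName | Select-Object Name, ProviderUri, DefaultProviderRealm
```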

by loogares
22 Oct 2010 at 09:19
Hi, this application looks very interesting to me, since I am immersed in the SharePoint 2010 claims world. I really can’t wait to try it out… but… I cannot see where to download it…
Can you please provide a link to download the App?
Thank you very much
Loogares