New-SPClaimsPrincipal
Creates a claims principal.
Syntax
STSIdentity
New-SPClaimsPrincipal
[-ClaimValue] <String>
[[-ClaimType] <String>]
[-TrustedIdentityTokenIssuer] <SPTrustedIdentityTokenIssuerPipeBind>
[-IdentifierClaim]
[-AssignmentCollection <SPAssignmentCollection>]
[<CommonParameters>]
ClaimProvider
New-SPClaimsPrincipal
[-ClaimValue] <String>
[-ClaimType] <String>
-ClaimProvider <SPClaimProvider>
[-AssignmentCollection <SPAssignmentCollection>]
[<CommonParameters>]
BasicClaim
New-SPClaimsPrincipal
[-EncodedClaim] <String>
[-AssignmentCollection <SPAssignmentCollection>]
[<CommonParameters>]
IdentityType
New-SPClaimsPrincipal
[-Identity] <String>
[-IdentityType] <SPIdentifierTypes>
[-AssignmentCollection <SPAssignmentCollection>]
[<CommonParameters>]
TrustIdentity
New-SPClaimsPrincipal
[-Identity] <String>
[-TrustedIdentityTokenIssuer] <SPTrustedIdentityTokenIssuerPipeBind>
[-AssignmentCollection <SPAssignmentCollection>]
[<CommonParameters>]
Description
This cmdlet contains more than one parameter set. You may only use parameters from one parameter set, and you may not combine parameters from different parameter sets. For more information about how to use parameter sets, see Cmdlet parameter sets.
The New-SPClaimsPrincipal cmdlet creates a claims principal.
For permissions and the most current information about Windows PowerShell for SharePoint Products, see the online documentation at SharePoint Server Cmdlets.
Examples
EXAMPLE 1
New-SPSite https://sitename/sites/newsite -owner (New-SPClaimsPrincipal contoso\johndoe -TrustedIdentityTokenIssuer "NTLM")
This example creates a claim principal for a Windows user.
EXAMPLE 2
New-SPSite https://localhost/sites/newsite -owner (New-SPClaimsPrincipal contoso\allusers -TrustedIdentityTokenIssuer "NTLM")
This example creates a claim principal for a Windows group.
EXAMPLE 3
New-SPSite https://sitename/sites/newsite -owner (New-SPClaimsPrincipal -ClaimValue "john@contoso.com" -ClaimType Email -TrustedIdentityTokenIssuer "LiveID STS" -IdentifierClaim Yes)
This example creates a claim principal for a trusted identity token issuer claim.
EXAMPLE 4
$ip = New-SPIdentityProvider -ASPNetMembershipProvider "myMembershipProvider" -ASPNetRoleProvider "myRoleProvider"
New-SPSite https://sitename/sites/newsite -owner (New-SPClaimsPrincipal "john@contoso.com" -TrustedIdentityTokenIssuer $ip)
This example creates a claim principal for a ASPNet Membership User.
EXAMPLE 5
New-SPSite https://sitename/sites/newsite -owner (New-SPClaimsPrincipal "Sales Manager Role" -IdentityProvider "myRoleProvider")
This example creates a claim principal for a ASPNet Role.
EXAMPLE 6
$cp = New-SPClaimsPrincipal -Identity "redmond\SiteOwner" -IdentityType 1
New-SPSite https://servername:port -OwnerAlias $cp.ToEncodedString() -Template "STS#0"
This example creates a claim principal for a Basic Claim Role, which is also called an encoded claim).
Parameters
-AssignmentCollection
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Manages objects for the purpose of proper disposal. Use of objects, such as SPWeb or SPSite, can use large amounts of memory and use of these objects in Windows PowerShell scripts requires proper memory management. Using the SPAssignment object, you can assign objects to a variable and dispose of the objects after they are needed to free up memory. When SPWeb, SPSite, or SPSiteAdministration objects are used, the objects are automatically disposed of if an assignment collection or the Global parameter is not used.
When the Global parameter is used, all objects are contained in the global store. If objects are not immediately used, or disposed of by using the Stop-SPAssignment command, an out-of-memory scenario can occur.
Parameter properties
| Type: | SPAssignmentCollection |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ClaimProvider
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies the security token service identity provider that will contain the claims principal.
The type must be a valid GUID, in the form 12345678-90ab-cdef-1234-567890bcdefgh; or a valid name of identity provider (for example, MyIDprovider1); or an instance of a valid SPIdentityProvider object.
Parameter properties
| Type: | SPClaimProvider |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
ClaimProvider
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ClaimType
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies the type of claim to create. The value I indicates a unique user identity claim, and the value C indicates all other claims.
The type must be either of the following values: I or C.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
STSIdentity
| Position: | 2 |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
ClaimProvider
| Position: | 2 |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ClaimValue
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies the claim value of the claims object. The claims value specifies the user, group, or computer that the claim is authenticating.
The type must be a valid claim value; for example, john@contoso.com.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
STSIdentity
| Position: | 1 |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
ClaimProvider
| Position: | 1 |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-EncodedClaim
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Converts a simple claim to a full encoded claim.
The type must be a valid claim value; for example, i:001w|redmond\user.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
BasicClaim
| Position: | 1 |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-IdentifierClaim
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies if the new claim is an identity claim.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
STSIdentity
| Position: | 4 |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Identity
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies the name of the new claims principal.
The type must be a valid name of a claims principal.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
IdentityType
| Position: | 1 |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
TrustIdentity
| Position: | 1 |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-IdentityType
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies the type of the new claims principal.
The type must be one of the following: WindowsSamAccountName, WindowsSecurityGroupSid, FormsUser, FormsRole, or EncodedClaim.
Parameter properties
| Type: | SPIdentifierTypes |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
IdentityType
| Position: | 2 |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-TrustedIdentityTokenIssuer
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies the ID of the authentication provider.
The type must be a valid GUID, in the form 12345678-90ab-cdef-1234-567890bcdefgh; or a valid name of an Authentication provider (for example, MyAuthprovider1); or an instance of a valid SPTrustedIdentityTokenIssuer object.
Parameter properties
| Type: | SPTrustedIdentityTokenIssuerPipeBind |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
STSIdentity
| Position: | 2 |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
TrustIdentity
| Position: | 2 |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.