Set-SPTrustedIdentityTokenIssuer
Sets the identity providers of a Web application.
Syntax
ImportCertificateParameterSet
Set-SPTrustedIdentityTokenIssuer
[-Identity] <SPTrustedIdentityTokenIssuerPipeBind>
-ImportTrustCertificate <X509Certificate2>
[-AssignmentCollection <SPAssignmentCollection>]
[-ClaimProvider <SPClaimProviderPipeBind>]
[-ClaimsMappings <SPClaimMappingPipeBind[]>]
[-Description <String>]
[-Realm <String>]
[-SignInUrl <String>]
[-UseWReply]
[-Confirm]
[-RegisteredIssuerName <String>]
[-WhatIf]
[<CommonParameters>]
MetadataEndPointParameterSet
Set-SPTrustedIdentityTokenIssuer
[-Identity] <SPTrustedIdentityTokenIssuerPipeBind>
-MetadataEndPoint <Uri>
[-AssignmentCollection <SPAssignmentCollection>]
[-ClaimProvider <SPClaimProviderPipeBind>]
[-ClaimsMappings <SPClaimMappingPipeBind[]>]
[-Description <String>]
[-Realm <String>]
[-SignInUrl <String>]
[-UseWReply]
[-Confirm]
[-RegisteredIssuerName <String>]
[-WhatIf]
[<CommonParameters>]
Description
The Set-SPTrustedIdentityTokenIssuer cmdlet sets the identity providers of a Web application or extended Web application. For the ASP.NET Membership provider and Role provider, this cmdlet changes the identity provider only if the result is piped to a variable and passed to a Web application. For security token service (STS) identity providers, this cmdlet changes the persisted identity provider object in the SPFarm object.
For permissions and the most current information about Windows PowerShell for SharePoint Products, see the online documentation at SharePoint Server Cmdlets.
Examples
EXAMPLE 1
Set-SPTrustedIdentityTokenIssuer "LiveIDSTS" -Certificate (Get-ChildItem"cert:Certificates (LocalComputer)\Personal\Certificates -Name "LiveID Cert")
This example sets the identity provider to LiveIDSTS.
EXAMPLE 2
C:\PS>$ip = @( (Get-SPTrustedIdentityTokenIssuer "LiveID STS"), (New-SPTrustedIdentityTokenIssuer -ASPNetMembershipProvider "myMembershipProvider" -ASPNetRoleProvider "myRoleProvider"), (Get-SPTrustedIdentityTokenIssuer "NTLM")) )
New-SPWebApplication https://contoso.com -IdentityProvider $ip
This example sets the identity provider using the .ASPNetMembership and Role parameters. When these parameters are used, a variable must be set; otherwise, the values do not take effect.
Parameters
-AssignmentCollection
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Manages objects for the purpose of proper disposal. Use of objects, such as SPWeb or SPSite, can use large amounts of memory and use of these objects in Windows PowerShell scripts requires proper memory management. Using the SPAssignment object, you can assign objects to a variable and dispose of the objects after they are needed to free up memory. When SPWeb, SPSite, or SPSiteAdministration objects are used, the objects are automatically disposed of if an assignment collection or the Global parameter is not used.
When the Global parameter is used, all objects are contained in the global store.
If objects are not immediately used, or disposed of by using the Stop-SPAssignment command, an out-of-memory scenario can occur.
Parameter properties
| Type: | SPAssignmentCollection |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ClaimProvider
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies the IP STS that can resolve and search claims for claims people picker.
The type must be a valid GUID, in the form 12345678-90ab-cdef-1234-567890bcdefgh; or a valid name of a claim provider (for example, MyIDprovider1); or an instance of a valid SPClaimProvider object.
Parameter properties
| Type: | SPClaimProviderPipeBind |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ClaimsMappings
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies the mapping of the claims from the original token to the SharePoint token.
The type must be a valid GUID, in the form 12345678-90ab-cdef-1234-567890bcdefgh; or a valid name of a claim mapping rule (for example, Email); or an instance of a valid SPClaimMapping object.
Parameter properties
| Type: | SPClaimMappingPipeBind[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Confirm
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Description
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies a description for the new identity provider.
The type must be a valid string; for example, LiveID STS.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Identity
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies the identity provider to update.
The type must be a valid GUID, in the form 12345678-90ab-cdef-1234-567890bcdefgh; or a valid name of identity provider (for example, LiveID STS); or an instance of a valid SPIdentityProvider object.
Parameter properties
| Type: | SPTrustedIdentityTokenIssuerPipeBind |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 1 |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ImportTrustCertificate
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies the X.509 certificate object from trusted authentication provider farm.
The type must be a name of a valid X.509 certificate; for example, Certificate1.
Parameter properties
| Type: | X509Certificate2 |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
ImportCertificateParameterSet
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-MetadataEndPoint
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Parameter properties
| Type: | Uri |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
MetadataEndPointParameterSet
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Realm
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies the realm, or resource partition, associated with this trust.
The type must be a name of a valid realm; for example, MD_REALM.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-RegisteredIssuerName
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
{{Fill RegisteredIssuerName Description}}
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-SignInUrl
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Specifies the sign-in URLs for this trusted identity provider STS.
The type must be a valid URL, in the form https://int.live.com/.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-UseWReply
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Includes a WReply with the token request. Wreply is a URL at the relying party to which the requestor is redirected once sign-out processing is complete.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-WhatIf
Applicable: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.