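<#
.SYNOPSIS
    Copies all claim rules from one relying party trust (RPT) to another.
.DESCRIPTION
    Looks up both trusts by name with Get-AdfsRelyingPartyTrust, then overwrites
    the destination's issuance transform, issuance authorization and delegation
    authorization rules with the source's values via Set-AdfsRelyingPartyTrust.

    If either trust cannot be found, an error is written and nothing is changed.
.PARAMETER SourceRelyingPartyTrustName
    Name of the relying party trust the rules are read from.
.PARAMETER DestinationRelyingPartyTrustName
    Name of the relying party trust whose rules are replaced.
.EXAMPLE
    Copy-ADFSClaimRules -SourceRelyingPartyTrustName "Office 365" -DestinationRelyingPartyTrustName "Token testing website - Marius"
#>
function Copy-ADFSClaimRules
{
    [CmdletBinding()]
    Param
    (
        [Parameter(Mandatory=$true,
                   ValueFromPipeline=$false,
                   Position=0)]
        [string] $SourceRelyingPartyTrustName,

        [Parameter(Mandatory=$true,
                   ValueFromPipeline=$false,
                   Position=1)]
        [string] $DestinationRelyingPartyTrustName
    )

    Process
    {
        $SourceRPT = Get-AdfsRelyingPartyTrust -Name $SourceRelyingPartyTrustName
        $DestinationRPT = Get-AdfsRelyingPartyTrust -Name $DestinationRelyingPartyTrustName

        # Write-Error is non-terminating, so each failed lookup must leave the
        # function explicitly. Otherwise the Set- call below would still run and,
        # with a missing source, would be handed empty rule sets.
        if (!$SourceRPT) {
            Write-Error "Could not find $SourceRelyingPartyTrustName"
            return
        }
        if (!$DestinationRPT) {
            Write-Error "Could not find $DestinationRelyingPartyTrustName"
            return
        }

        # All three rule sets are replaced, not merged. The authorization rules are
        # part of what is overwritten, so the destination ends up with exactly the
        # source's authorization policy; keep a copy of the destination's existing
        # rules if they may be needed again.
        Set-AdfsRelyingPartyTrust -TargetRelyingParty $DestinationRPT `
            -IssuanceTransformRules $SourceRPT.IssuanceTransformRules `
            -IssuanceAuthorizationRules $SourceRPT.IssuanceAuthorizationRules `
            -DelegationAuthorizationRules $SourceRPT.DelegationAuthorizationRules
    }
}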
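<#
.SYNOPSIS
    Returns the thumbprint of the ADFS token signing certificate.
.DESCRIPTION
    Downloads FederationMetadata.xml from the given ADFS host over HTTPS, takes the
    X.509 certificate embedded in the document's XML signature
    (EntityDescriptor.Signature.KeyInfo.X509Data.X509Certificate), decodes it in
    memory and returns its thumbprint.

    NOTE(review): the XML signature on the metadata is not validated here, so the
    result is only as trustworthy as the TLS connection to the host. Confirm the
    thumbprint through a second channel before pinning it in a trust configuration.
    NOTE(review): this reads the certificate that signed the metadata document;
    presumably that is the primary token-signing certificate. Verify this against
    the farm when more than one signing certificate is configured.
.PARAMETER ADFS
    Host name of the ADFS service, inserted into the metadata URL as-is.
.OUTPUTS
    The certificate thumbprint string, or nothing (with an error record) when the
    metadata carries no signing certificate.
.EXAMPLE
    Get-AdfsTokenSigningThumbprint adfs.goodworkaround.com
#>
function Get-AdfsTokenSigningThumbprint
{
    [CmdletBinding()]
    Param
    (
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$false,
                   Position=0)]
        $ADFS
    )

    Process
    {
        $metadataUri = "https://{0}/FederationMetadata/2007-06/FederationMetadata.xml" -f $ADFS
        $metadata = Invoke-RestMethod -Uri $metadataUri

        # Take the first non-empty certificate element. Doing this explicitly
        # keeps the result well-defined if X509Data lists more than one.
        $encodedCert = @($metadata.EntityDescriptor.Signature.KeyInfo.X509Data.X509Certificate) |
            Where-Object { $_ } |
            Select-Object -First 1

        if (-not $encodedCert) {
            Write-Error ("No signing certificate found in federation metadata from {0}" -f $ADFS)
            return
        }

        # Decode in memory instead of going through a fixed-name file in %TEMP%.
        # A predictable path can be pre-created or swapped by another local
        # process, and the file was never removed afterwards.
        $certBytes = [System.Convert]::FromBase64String([string]$encodedCert)

        # The unary comma passes the byte[] as one constructor argument instead of
        # letting PowerShell unroll it into one argument per byte.
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList (,$certBytes)
        return $cert.Thumbprint
    }
}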
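<#
.SYNOPSIS
    Copies a relying party trust.
.DESCRIPTION
    Reads the named source trust with Get-AdfsRelyingPartyTrust, collects every
    non-null property except a fixed list of excluded ones into a parameter table,
    replaces Name and Identifier with the supplied values and passes the table to
    Add-AdfsRelyingPartyTrust.

    If the source trust cannot be found, an error is written and no trust is created.

    NOTE(review): every remaining property is carried over unchanged, including the
    claim and authorization rules. Review the new trust's rules, endpoints and
    enabled state after the copy rather than assuming they suit the new identifier.
.PARAMETER SourceRelyingPartyTrustName
    Name of the existing relying party trust to copy from.
.PARAMETER NewRelyingPartyTrustName
    Name given to the new relying party trust.
.PARAMETER NewRelyingPartyTrustIdentifier
    Identifier given to the new relying party trust.
.EXAMPLE
    Copy-AdfsRelyingPartyTrust "Intranett Test" "Intranett Prod" "urn:sharepoint:prod"
#>
function Copy-AdfsRelyingPartyTrust
{
    [CmdletBinding()]
    # NOTE(review): [int] looks like template residue; the function emits whatever
    # Add-AdfsRelyingPartyTrust emits. Kept so the declared metadata is unchanged.
    [OutputType([int])]
    Param
    (
        [Parameter(Mandatory=$true,
                   ValueFromPipeline=$false,
                   Position=0)]
        $SourceRelyingPartyTrustName,

        [Parameter(Mandatory=$true,
                   ValueFromPipeline=$false,
                   Position=1)]
        $NewRelyingPartyTrustName,

        [Parameter(Mandatory=$true,
                   ValueFromPipeline=$false,
                   Position=2)]
        $NewRelyingPartyTrustIdentifier
    )

    Process
    {
        $SourceRelyingPartyTrust = Get-AdfsRelyingPartyTrust -Name $SourceRelyingPartyTrustName

        # Without this guard, a failed lookup would still reach
        # Add-AdfsRelyingPartyTrust with only Name and Identifier set, creating a
        # trust that copies nothing from the intended source.
        if (-not $SourceRelyingPartyTrust) {
            Write-Error "Could not find $SourceRelyingPartyTrustName"
            return
        }

        # Properties of the trust object that are not passed on to
        # Add-AdfsRelyingPartyTrust.
        # NOTE(review): this list is fixed. A trust object exposing further
        # properties with no matching Add- parameter would make the splat fail.
        # Confirm against the ADFS version in use.
        $exceptedAttributes = @("ConflictWithPublishedPolicy","OrganizationInfo","ProxyEndpointMappings","LastUpdateTime","PublishedThroughProxy","LastMonitoredTime")

        $parameters = @{}
        $SourceRelyingPartyTrust |
            Get-Member -MemberType Property |
            Where-Object { $_.Name -notin $exceptedAttributes } |
            ForEach-Object {
                # Comparison order is intentional: with a collection on the left,
                # -ne filters the elements, so empty collections are skipped too.
                if($SourceRelyingPartyTrust.($_.Name) -ne $null) {
                    $parameters[$_.Name] = $SourceRelyingPartyTrust.($_.Name)
                }
            }

        # The copy is registered under its own name and identifier.
        $parameters.Name = $NewRelyingPartyTrustName
        $parameters.Identifier = $NewRelyingPartyTrustIdentifier

        Add-AdfsRelyingPartyTrust @parameters
    }
}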