| Download Help Link | Help Version | Locale | Module Guid | Module Name |
|---|---|---|---|---|
5.0.0.1 |
en-US |
5c958595-c68c-4c00-a468-9763de83bbee |
ADFS |
This reference provides command-line reference documentation for the IT professional of the Windows PowerShell cmdlets that you can use to deploy and administer Active Directory Federation Services (AD FS) in Windows Server.
Adds an attribute store to the Federation Service.
Adds a new certificate to AD FS for signing, decrypting, or securing communications.
Adds a claim description to the Federation Service.
Adds a new claims provider trust to the Federation Service.
Creates a claims provider trust group based on metadata that contains multiple entities.
Registers an OAuth 2.0 client with AD FS.
Adds a custom UPN suffix.
Adds this computer to an existing federation server farm.
Creates a local claims provider trust.
Adds a native client application role to an application in AD FS.
Adds a relying party trust that represents a non-claims-aware web application or service to the Federation Service.
Adds a new relying party trust to the Federation Service.
Creates a relying party trusts group.
Adds a scope description in AD FS.
Adds a server application role to an application in AD FS.
Adds configuration settings for trusted federation partners in AD FS.
Adds a Web API application role to an application in AD FS.
Adds a relying party trust for the Web Application Proxy.
Disables an application group.
Disables a certificate authority.
Disables a claims provider trust in the Federation Service.
Disables an OAuth 2.0 client that is currently registered with AD FS.
Marks the Device Registration Service as disabled on an AD FS server.
Disables an endpoint of AD FS.
Disables a local claims provider trust.
Disables a relying party trust for a non-claims-aware web application or service from the Federation Service.
Disables a relying party trust of the Federation Service.
Disables the relying party trust for the Web Application Proxy.
Enables an application group in AD FS.
Enables a claims provider trust in the Federation Service.
Enables the use of an OAuth 2.0 client registration by AD FS.
This cmdlet has been deprecated.
Enables an endpoint in AD FS.
Enables a local claims provider trust.
Enables a relying party trust for a non-claims-aware web application or service from the Federation Service.
Enables a relying party trust of the Federation Service.
Enables the relying party trust object for the Web Application Proxy.
Returns a file containing the tenant ID for which the AD FS farm is configured for Azure MFA, as well as the well-known client ID for Azure MFA.
Generates SQL scripts to create the AD FS database and to grant permissions.
Exports properties of all web content objects in a specific locale to a specified file.
Exports a web theme to a folder.
Gets an AD FS access control policy.
Retrieves the global rules that trigger additional authentication providers to be invoked.
Gets an application group.
Gets permission for an application.
Gets the attribute stores of the Federation Service.
Gets a list of all authentication providers in AD FS.
Retrieves web content objects for authentication providers.
Gets whether Azure MFA is enabled.
Retrieves the certificates from AD FS.
Gets a certificate authority.
Gets claim descriptions from the Federation Service.
Gets the claims provider trusts in the Federation Service.
Gets an AD FS claims provider trust group.
Retrieves registration information for an OAuth 2.0 client.
Gets the administrative polices of the Device Registration Service.
Gets the UPN suffixes that can be used with device registration.
Retrieves an endpoint in AD FS.
Gets AD FS behavior level and farm node information.
Displays the AD FS global policy.
Gets global web content objects.
Gets local claims provider trusts.
Gets native client application roles from an application in AD FS.
Gets the properties of a relying party trust for a non-claims-aware web application or service.
Gets all the associated properties for the AD FS service.
The Get-AdfsRegistrationHosts cmdlet is deprecated. Instead, use the Get-AdfsDeviceRegistrationUpnSuffix cmdlet.
Gets the relying party trusts of the Federation Service.
Gets a relying party trust group.
Gets web content objects for relying parties.
Gets properties of web themes applied to relying party trusts.
Gets a description for a scope in AD FS.
Gets configuration settings for a server application role for an application in AD FS.
Gets the host name, port, and certificate hash for SSL bindings configured for AD FS and the device registration service.
Gets synchronization properties the configuration database of AD FS.
Gets a trusted federation partner in AD FS.
Gets Web API application roles in AD FS.
Gets the relying party trust object for the Web Application Proxy.
Gets AD FS web customization configuration settings.
Gets web themes.
Grants application permission.
Imports the custom configuration for an authentication provider.
Imports properties from a resource file into global and relying party web content objects.
Initializes the Device Registration Service configuration in the Active Directory forest.
Creates the first node of a new federation server farm.
Raises the behavior level of a farm.
Creates an AD FS access control policy.
Creates an application group.
Creates a certificate for the AD FS farm to use to connect to Azure MFA, or returns the currently configured certificate.
Creates a set of claim rules.
Creates a contact person object.
Creates a mapping between an attribute of an LDAP folder and an AD FS claim type.
Creates a connection object.
Creates a new organization information object.
Creates a SAML protocol endpoint object.
Creates an AD FS web theme.
The Publish-SslCertificate cmdlet is deprecated. Instead, use the Set-AdfsSslCertificate cmdlet.
Registers an external authentication provider in AD FS.
Removes an AD FS access control policy.
Removes an application group.
Removes an attribute store from the Federation Service.
Removes web content customization of the authentication provider in the user sign-in web pages from AD FS.
Removes a certificate from AD FS.
Removes a claim description from the Federation Service.
Removes a claims provider trust from the Federation Service.
Removes an AD FS claims provider trust group.
Deletes registration information for an OAuth 2.0 client that is currently registered with AD FS.
Removes a custom UPN suffix.
The Remove-AdfsFarmNode cmdlet is deprecated. Instead, use the Uninstall-WindowsFeature cmdlet.
Removes a global web content object.
Removes a local claims provider trust.
Removes a native client application role from an application in AD FS.
Removes a relying party trust for a non-claims-aware web application or service from the Federation Service.
Removes a relying party trust from the Federation Service.
Removes a relying party trusts group.
Removes a relying party web content object.
Removes a web theme to a relying party.
Removes a scope description in AD FS.
Removes a server application role from an application in AD FS.
Removes a trusted federation partner in AD FS.
Removes a Web API application role from an application in AD FS.
Removes the relying party trust object for the Web Application Proxy.
Removes a web theme.
Restores the farm to a previous behavior level.
Revokes permission for an application.
Revokes trust for all federation server proxies configured for the Federation Service.
Modifies an AD FS access control policy.
Sets the global rules that provide the trigger for additional authentication providers to be invoked.
Configures an existing AD FS deployment to use the same port for both device certificate and client certificate authentication.
Modifies an application group.
Modifies application permissions.
Modifies properties of an attribute store.
Modifies a display name and description.
Enables an AD FS farm to use MFA.
Sets the properties of an existing certificate that AD FS uses to sign, decrypt, or secure communications.
Modifies a certificate authority.
Sets the account that is used for sharing managed certificates in a federation server farm.
Modifies the properties of a claim description.
Sets the properties of a claims provider trust.
Modifies registration settings for an OAuth 2.0 client registered with AD FS.
Configures the administrative policies for the Device Registration Service.
Sets the list of UPN suffixes.
Sets the endpoint on a Web Application Proxy.
Removes a stale or offline farm node from the farm information table.
Modifies the AD FS global policy.
Sets properties for global web content objects.
Modifies a local claims provider trust.
Modifies configuration settings for a server native client application role of an application in AD FS.
Sets the properties of a relying party trust for a non-claims-aware web application or service.
Sets the properties that control global behaviors in AD FS.
The Set-AdfsRegistrationHosts cmdlet is deprecated. Instead, use the Set-AdfsDeviceRegistrationUpnSuffix cmdlet.
Sets the properties of a relying party trust.
Sets properties for the relying party web content objects.
Applies a web theme to a relying party.
Modifies a scope description in AD FS.
Modifies configuration settings for a server application role of an application in AD FS.
Sets an SSL certificate for HTTPS bindings for AD FS.
Modifies the frequency of synchronization for the AD FS configuration database and which server is primary in the farm.
Modifies configuration settings for trusted federation partners in AD FS.
Modifies configuration settings for a Web API application in AD FS.
Modifies properties of the relying party trust object for the Web Application Proxy.
Modifies web customization configuration settings.
Modifies properties of a web theme.
Tests whether you can raise the behavior level of a farm.
Tests whether you can restore an AD FS farm to a previous behavior level.
Runs prerequisite checks for installing a new federation server farm.
Runs prerequisite checks for adding the server computer to a federation server farm.
Deletes an external authentication provider from AD FS.
Updates the certificates of AD FS.
Updates the claims provider trust from federation metadata.
Updates the relying party trust from federation metadata.