70-742 Additional Notes – Federation Services Cmdlets for PowerShell

Be sure to run through these useful cmdlets for the management of Active Directory Federation Services. Remember, don’t go crazy with memorization here on cmdlets. Just remember the verb-noun syntax and review the list to see what is possible. Once again – don’t miss the READ MORE button in the blog post to see the complete list:

  • Add-​Adfs​Attribute​Store
    Adds an attribute store to the Federation Service.
  • Add-​Adfs​Certificate
    Adds a new certificate to AD FS for signing, decrypting, or securing communications.
  • Add-​Adfs​Claim​Description
    Adds a claim description to the Federation Service.
  • Add-​Adfs​Claims​Provider​Trust
    Adds a new claims provider trust to the Federation Service.
  • Add-​Adfs​Claims​Provider​Trusts​Group
    Creates a claims provider trust group based on metadata that contains multiple entities.
  • Add-​Adfs​Client
    Registers an OAuth 2.0 client with AD FS.
  • Add-​Adfs​Device​Registration​Upn​Suffix
    Adds a custom UPN suffix.
  • Add-​Adfs​Farm​Node
    Adds this computer to an existing federation server farm.
  • Add-​Adfs​Local​Claims​Provider​Trust
    Creates a local claims provider trust.
  • Add-​Adfs​Native​Client​Application
    Adds a native client application role to an application in AD FS.
  • Add-​Adfs​Non​Claims​Aware​Relying​Party​Trust
    Adds a relying party trust that represents a non-claims-aware web application or service to the Federation Service.
  • Add-​Adfs​Relying​Party​Trust
    Adds a new relying party trust to the Federation Service.
  • Add-​Adfs​Relying​Party​Trusts​Group
    Creates a relying party trusts group.
  • Add-​Adfs​Scope​Description
    Adds a scope description in AD FS.
  • Add-​Adfs​Server​Application
    Adds a server application role to an application in AD FS.
  • Add-​Adfs​Trusted​Federation​Partner
    Adds configuration settings for trusted federation partners in AD FS.
  • Add-​Adfs​Web​Api​Application
    Adds a Web API application role to an application in AD FS.
  • Add-​Adfs​Web​Application​Proxy​Relying​Party​Trust
    Adds a relying party trust for the Web Application Proxy.
  • Disable-​Adfs​Application​Group
    Disables an application group.

  • Disable-​Adfs​Certificate​Authority
    Disables a certificate authority.
  • Disable-​Adfs​Claims​Provider​Trust
    Disables a claims provider trust in the Federation Service.
  • Disable-​Adfs​Client
    Disables an OAuth 2.0 client that is currently registered with AD FS.
  • Disable-​Adfs​Device​Registration
    Marks the Device Registration Service as disabled on an AD FS server.
  • Disable-​Adfs​Endpoint
    Disables an endpoint of AD FS.
  • Disable-​Adfs​Local​Claims​Provider​Trust
    Disables a local claims provider trust.
  • Disable-​Adfs​Non​Claims​Aware​Relying​Party​Trust
    Disables a relying party trust for a non-claims-aware web application or service from the Federation Service.
  • Disable-​Adfs​Relying​Party​Trust
    Disables a relying party trust of the Federation Service.
  • Disable-​Adfs​Web​Application​Proxy​Relying​Party​Trust
    Disables the relying party trust for the Web Application Proxy.
  • Enable-​Adfs​Application​Group
    Enables an application group in AD FS.
  • Enable-​Adfs​Claims​Provider​Trust
    Enables a claims provider trust in the Federation Service.
  • Enable-​Adfs​Client
    Enables the use of an OAuth 2.0 client registration by AD FS.
  • Enable-​Adfs​Device​Registration
    This cmdlet has been deprecated.
  • Enable-​Adfs​Endpoint
    Enables an endpoint in AD FS.
  • Enable-​Adfs​Local​Claims​Provider​Trust
    Enables a local claims provider trust.
  • Enable-​Adfs​Non​Claims​Aware​Relying​Party​Trust
    Enables a relying party trust for a non-claims-aware web application or service from the Federation Service.
    Enable-​Adfs​Relying​Party​Trust
    Enables a relying party trust of the Federation Service.
  • Enable-​Adfs​Web​Application​Proxy​Relying​Party​Trust
    Enables the relying party trust object for the Web Application Proxy.
  • Export-​Adfs​Authentication​Provider​Configuration​Data
    Returns a file containing the tenant ID for which the AD FS farm is configured for Azure MFA, as well as the well-known client ID for Azure MFA.
  • Export-​Adfs​Deployment​SQ​LScript
    Generates SQL scripts to create the AD FS database and to grant permissions.
  • Export-​Adfs​Web​Content
    Exports properties of all web content objects in a specific locale to a specified file.
  • Export-​Adfs​Web​Theme
    Exports a web theme to a folder.
  • Get-​Adfs​Access​Control​Policy
    Gets an AD FS access control policy.
  • Get-​Adfs​Additional​Authentication​Rule
    Retrieves the global rules that trigger additional authentication providers to be invoked.
  • Get-​Adfs​Application​Group
    Gets an application group.
  • Get-​Adfs​Application​Permission
    Gets permission for an application.
  • Get-​Adfs​Attribute​Store
    Gets the attribute stores of the Federation Service.
  • Get-​Adfs​Authentication​Provider
    Gets a list of all authentication providers in AD FS.
  • Get-​Adfs​Authentication​Provider​Web​Content
    Retrieves web content objects for authentication providers.
  • Get-​Adfs​Azure​Mfa​Configured
    Gets whether Azure MFA is enabled.
  • Get-​Adfs​Certificate
    Retrieves the certificates from AD FS.
  • Get-​Adfs​Certificate​Authority
    Gets a certificate authority.
  • Get-​Adfs​Claim​Description
    Gets claim descriptions from the Federation Service.
  • Get-​Adfs​Claims​Provider​Trust
    Gets the claims provider trusts in the Federation Service.
  • Get-​Adfs​Claims​Provider​Trusts​Group
    Gets an AD FS claims provider trust group.
  • Get-​Adfs​Client
    Retrieves registration information for an OAuth 2.0 client.
  • Get-​Adfs​Device​Registration
    Gets the administrative polices of the Device Registration Service.
  • Get-​Adfs​Device​Registration​Upn​Suffix
    Gets the UPN suffixes that can be used with device registration.
  • Get-​Adfs​Endpoint
    Retrieves an endpoint in AD FS.
  • Get-​Adfs​Farm​Information
    Gets AD FS behavior level and farm node information.
  • Get-​Adfs​Global​Authentication​Policy
    Displays the AD FS global policy.
  • Get-​Adfs​Global​Web​Content
    Gets global web content objects.
  • Get-​Adfs​Local​Claims​Provider​Trust
    Gets local claims provider trusts.
  • Get-​Adfs​Native​Client​Application
    Gets native client application roles from an application in AD FS.
  • Get-​Adfs​Non​Claims​Aware​Relying​Party​Trust
    Gets the properties of a relying party trust for a non-claims-aware web application or service.
  • Get-​Adfs​Properties
    Gets all the associated properties for the AD FS service.
  • Get-​Adfs​Registration​Hosts
    The Get-AdfsRegistrationHosts cmdlet is deprecated.
  • Get-​Adfs​Relying​Party​Trust
    Gets the relying party trusts of the Federation Service.
  • Get-​Adfs​Relying​Party​Trusts​Group
    Gets a relying party trust group.
  • Get-​Adfs​Relying​Party​Web​Content
    Gets web content objects for relying parties.
  • Get-​Adfs​Relying​Party​Web​Theme
    Gets properties of web themes applied to relying party trusts.
  • Get-​Adfs​Scope​Description
    Gets a description for a scope in AD FS.
  • Get-​Adfs​Server​Application
    Gets configuration settings for a server application role for an application in AD FS.
  • Get-​Adfs​Ssl​Certificate
    Gets the host name, port, and certificate hash for SSL bindings configured for AD FS and the device registration service.
  • Get-​Adfs​Sync​Properties
    Gets synchronization properties the configuration database of AD FS.
  • Get-​Adfs​Trusted​Federation​Partner
    Gets a trusted federation partner in AD FS.
  • Get-​Adfs​Web​Api​Application
    Gets Web API application roles in AD FS.
  • Get-​Adfs​Web​Application​Proxy​Relying​Party​Trust
    Gets the relying party trust object for the Web Application Proxy.
  • Get-​Adfs​Web​Config
    Gets AD FS web customization configuration settings.
  • Get-​Adfs​Web​Theme
    Gets web themes.
  • Grant-​Adfs​Application​Permission
    Grants application permission.
  • Import-​Adfs​Authentication​Provider​Configuration​Data
    Imports the custom configuration for an authentication provider.
  • Import-​Adfs​Web​Content
    Imports properties from a resource file into global and relying party web content objects.
  • Initialize-​AD​Device​Registration
    Initializes the Device Registration Service configuration in the Active Directory forest.
  • Install-​Adfs​Farm
    Creates the first node of a new federation server farm.
  • Invoke-​Adfs​Farm​Behavior​Level​Raise
    Raises the behavior level of a farm.
  • New-​Adfs​Access​Control​Policy
    Creates an AD FS access control policy.
  • New-​Adfs​Application​Group
    Creates an application group.
  • New-​Adfs​Azure​Mfa​Tenant​Certificate
    Creates a certificate for the AD FS farm to use to connect to Azure MFA, or returns the currently configured certificate.
  • New-​Adfs​Claim​Rule​Set
    Creates a set of claim rules.
  • New-​Adfs​Contact​Person
    Creates a contact person object.
  • New-​Adfs​Ldap​Attribute​To​Claim​Mapping
    Creates a mapping between an attribute of an LDAP folder and an AD FS claim type.
  • New-​Adfs​Ldap​Server​Connection
    Creates a connection object.
  • New-​Adfs​Organization
    Creates a new organization information object.
  • New-​Adfs​Saml​Endpoint
    Creates a SAML protocol endpoint object.
  • New-​Adfs​Web​Theme
    Creates an AD FS web theme.
  • Publish-​Ssl​Certificate
    The Publish-SslCertificate cmdlet is deprecated.
  • Register-​Adfs​Authentication​Provider
    Registers an external authentication provider in AD FS.
  • Remove-​Adfs​Access​Control​Policy
    Removes an AD FS access control policy.
  • Remove-​Adfs​Application​Group
    Removes an application group.
  • Remove-​Adfs​Attribute​Store
    Removes an attribute store from the Federation Service.
  • Remove-​Adfs​Authentication​Provider​Web​Content
    Removes web content customization of the authentication provider in the user sign-in web pages from AD FS.
  • Remove-​Adfs​Certificate
    Removes a certificate from AD FS.
  • Remove-​Adfs​Claim​Description
    Removes a claim description from the Federation Service.
  • Remove-​Adfs​Claims​Provider​Trust
    Removes a claims provider trust from the Federation Service.
  • Remove-​Adfs​Claims​Provider​Trusts​Group
    Removes an AD FS claims provider trust group.
  • Remove-​Adfs​Client
    Deletes registration information for an OAuth 2.0 client that is currently registered with AD FS.
  • Remove-​Adfs​Device​Registration​Upn​Suffix
    Removes a custom UPN suffix.
  • Remove-​Adfs​Farm​Node
    The Remove-AdfsFarmNode cmdlet is deprecated.
  • Remove-​Adfs​Global​Web​Content
    Removes a global web content object.
  • Remove-​Adfs​Local​Claims​Provider​Trust
    Removes a local claims provider trust.
  • Remove-​Adfs​Native​Client​Application
    Removes a native client application role from an application in AD FS.
  • Remove-​Adfs​Non​Claims​Aware​Relying​Party​Trust
    Removes a relying party trust for a non-claims-aware web application or service from the Federation Service.
  • Remove-​Adfs​Relying​Party​Trust
    Removes a relying party trust from the Federation Service.
  • Remove-​Adfs​Relying​Party​Trusts​Group
    Removes a relying party trusts group.
    Remove-​Adfs​Relying​Party​Web​Content
    Removes a relying party web content object.
  • Remove-​Adfs​Relying​Party​Web​Theme
    Removes a web theme to a relying party.
  • Remove-​Adfs​Scope​Description
    Removes a scope description in AD FS.
  • Remove-​Adfs​Server​Application
    Removes a server application role from an application in AD FS.
  • Remove-​Adfs​Trusted​Federation​Partner
    Removes a trusted federation partner in AD FS.
  • Remove-​Adfs​Web​Api​Application
    Removes a Web API application role from an application in AD FS.
  • Remove-​Adfs​Web​Application​Proxy​Relying​Party​Trust
    Removes the relying party trust object for the Web Application Proxy.
  • Remove-​Adfs​Web​Theme
    Removes a web theme.
  • Restore-​Adfs​Farm​Behavior​Level
    Restores the farm to a previous behavior level.
  • Revoke-​Adfs​Application​Permission
    Revokes permission for an application.
  • Revoke-​Adfs​Proxy​Trust
    Revokes trust for all federation server proxies configured for the Federation Service.
  • Set-​Adfs​Access​Control​Policy
    Modifies an AD FS access control policy.
  • Set-​Adfs​Additional​Authentication​Rule
    Sets the global rules that provide the trigger for additional authentication providers to be invoked.
  • Set-​Adfs​Alternate​Tls​Client​Binding
    Configures an existing AD FS deployment to use the same port for both device certificate and client certificate authentication.
  • Set-​Adfs​Application​Group
    Modifies an application group.
  • Set-​Adfs​Application​Permission
    Modifies application permissions.
  • Set-​Adfs​Attribute​Store
    Modifies properties of an attribute store.
  • Set-​Adfs​Authentication​Provider​Web​Content
    Modifies a display name and description.
  • Set-​Adfs​Azure​Mfa​Tenant
    Enables an AD FS farm to use MFA.
  • Set-​Adfs​Cert​Sharing​Container
    Sets the account that is used for sharing managed certificates in a federation server farm.
  • Set-​Adfs​Certificate
    Sets the properties of an existing certificate that AD FS uses to sign, decrypt, or secure communications.
  • Set-​Adfs​Certificate​Authority
    Modifies a certificate authority.
  • Set-​Adfs​Claim​Description
    Modifies the properties of a claim description.
  • Set-​Adfs​Claims​Provider​Trust
    Sets the properties of a claims provider trust.
  • Set-​Adfs​Client
    Modifies registration settings for an OAuth 2.0 client registered with AD FS.
  • Set-​Adfs​Device​Registration
    Configures the administrative policies for the Device Registration Service.
  • Set-​Adfs​Device​Registration​Upn​Suffix
    Sets the list of UPN suffixes.
  • Set-​Adfs​Endpoint
    Sets the endpoint on a Web Application Proxy.
  • Set-​Adfs​Farm​Information
    Removes a stale or offline farm node from the farm information table.
  • Set-​Adfs​Global​Authentication​Policy
    Modifies the AD FS global policy.
  • Set-​Adfs​Global​Web​Content
    Sets properties for global web content objects.
  • Set-​Adfs​Local​Claims​Provider​Trust
    Modifies a local claims provider trust.
  • Set-​Adfs​Native​Client​Application
    Modifies configuration settings for a server native client application role of an application in AD FS.
  • Set-​Adfs​Non​Claims​Aware​Relying​Party​Trust
    Sets the properties of a relying party trust for a non-claims-aware web application or service.
  • Set-​Adfs​Properties
    Sets the properties that control global behaviors in AD FS.
  • Set-​Adfs​Registration​Hosts
    The Set-AdfsRegistrationHosts cmdlet is deprecated.
  • Set-​Adfs​Relying​Party​Trust
    Sets the properties of a relying party trust.
  • Set-​Adfs​Relying​Party​Web​Content
    Sets properties for the relying party web content objects.
  • Set-​Adfs​Relying​Party​Web​Theme
    Applies a web theme to a relying party.
  • Set-​Adfs​Scope​Description
    Modifies a scope description in AD FS.
  • Set-​Adfs​Server​Application
    Modifies configuration settings for a server application role of an application in AD FS.
  • Set-​Adfs​Ssl​Certificate
    Sets an SSL certificate for HTTPS bindings for AD FS.
  • Set-​Adfs​Sync​Properties
    Modifies the frequency of synchronization for the AD FS configuration database and which server is primary in the farm.
  • Set-​Adfs​Trusted​Federation​Partner
    Modifies configuration settings for trusted federation partners in AD FS.
  • Set-​Adfs​Web​Api​Application
    Modifies configuration settings for a Web API application in AD FS.
  • Set-​Adfs​Web​Application​Proxy​Relying​Party​Trust
    Modifies properties of the relying party trust object for the Web Application Proxy.
  • Set-​Adfs​Web​Config
    Modifies web customization configuration settings.
  • Set-​Adfs​Web​Theme
    Modifies properties of a web theme.
  • Test-​Adfs​Farm​Behavior​Level​Raise
    Tests whether you can raise the behavior level of a farm.
  • Test-​Adfs​Farm​Behavior​Level​Restore
    Tests whether you can restore an AD FS farm to a previous behavior level.
  • Test-​Adfs​Farm​Installation
    Runs prerequisite checks for installing a new federation server farm.
  • Test-​Adfs​Farm​Join
    Runs prerequisite checks for adding the server computer to a federation server farm.
  • Unregister-​Adfs​Authentication​Provider
    Deletes an external authentication provider from AD FS.
  • Update-​Adfs​Certificate
    Updates the certificates of AD FS.
  • Update-​Adfs​Claims​Provider​Trust
    Updates the claims provider trust from federation metadata.
  • Update-​Adfs​Relying​Party​Trust
    Updates the relying party trust from federation metadata.

Leave a Reply

Your email address will not be published. Required fields are marked *