Create and sign on to the Private portal – Part 6

· by · in Integration technology. ·

In the previous post we got the configuration done to allow the user to authenticate and associate their login details to the user request. At that point they will be sent and email inviting them to login into the private portal to start to do business. In this video we’ll look at the setup of that private portal.

In this walk through we configured the public and the private site on the same machine. Through the configuration process we told SharePoint about our authentication provider. So if have different machines then you will want to do the setup for the trusted root authority that you saw in this post  about 10minutes in this video where we configure SharePoint with PowerShell and run these sets of commands:

————————-

$claim1 = New-SPClaimTypeMapping -IncomingClaimType “http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier” -IncomingClaimTypeDisplayName “ACS Name Identifier Claim” -LocalClaimType “http://schemas.microsoft.com/custom/claim/type/2013/07/acs-nameidentifier”
$claim2 = New-SPClaimTypeMapping -IncomingClaimType “http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider” -IncomingClaimTypeDisplayName “ACS Identity Provider” -LocalClaimType “http://schemas.microsoft.com/custom/claim/type/2013/07/acs-identityprovider”
$claim3 = New-SPClaimTypeMapping -IncomingClaimType “http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name” -IncomingClaimTypeDisplayName “ACS username” -LocalClaimType “http://schemas.microsoft.com/custom/claim/type/2013/07/acs-username”

$acscert = Get-PfxCertificate c:\temp\ACSCertVM6.cer

New-SPTrustedIdentityTokenIssuer -Name “AzureACS” -Description “Azure ACS” -Realm “urn:axr3mavm6:AzureACS”  -ImportTrustCertificate $acscert -SignInUrl “https://axr3mavm6.accesscontrol.windows.net/v2/wsfederation” -ClaimsMappings $claim1,$claim2,$claim3 -IdentifierClaim $claim1.InputClaimType

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($acscert)
$spcert = New-SPTrustedRootAuthority -Certificate $cert -Name “ACSTokenSigningCert”

——————-

You can done the hard part if you get to this step. In these videos I was using LiveID as the authentication provider but you could use something else like Azure Active Directory as you can see in these posts.

Creating a new Azure AD identity provider in Azure ACS and use with AX2012 Enterprise Portal

Concepts in using Azure AD with AX2012 Enterprise Portal

Good luck with it.

Cheers

Lachlan

One response to “Create and sign on to the Private portal – Part 6

  1. Pingback: Steps to configure Azure ACS claims Enterprise Portal | OrganicAX·

Leave a comment