Create and sign on to the Private portal – Part 6

In the previous post we got the configuration done to allow the user to authenticate and associate their login details to the user request. At that point they will be sent and email inviting them to login into the private portal to start to do business. In this video we’ll look at the setup of that private portal.

In this walk through we configured the public and the private site on the same machine. Through the configuration process we told SharePoint about our authentication provider. So if have different machines then you will want to do the setup for the trusted root authority that you saw in this post  about 10minutes in this video where we configure SharePoint with PowerShell and run these sets of commands:

————————-

$claim1 = New-SPClaimTypeMapping -IncomingClaimType “http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier” -IncomingClaimTypeDisplayName “ACS Name Identifier Claim” -LocalClaimType “http://schemas.microsoft.com/custom/claim/type/2013/07/acs-nameidentifier”
$claim2 = New-SPClaimTypeMapping -IncomingClaimType “http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider” -IncomingClaimTypeDisplayName “ACS Identity Provider” -LocalClaimType “http://schemas.microsoft.com/custom/claim/type/2013/07/acs-identityprovider”
$claim3 = New-SPClaimTypeMapping -IncomingClaimType “http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name” -IncomingClaimTypeDisplayName “ACS username” -LocalClaimType “http://schemas.microsoft.com/custom/claim/type/2013/07/acs-username”

$acscert = Get-PfxCertificate c:\temp\ACSCertVM6.cer

New-SPTrustedIdentityTokenIssuer -Name “AzureACS” -Description “Azure ACS” -Realm “urn:axr3mavm6:AzureACS”  -ImportTrustCertificate $acscert -SignInUrl “https://axr3mavm6.accesscontrol.windows.net/v2/wsfederation” -ClaimsMappings $claim1,$claim2,$claim3 -IdentifierClaim $claim1.InputClaimType

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($acscert)
$spcert = New-SPTrustedRootAuthority -Certificate $cert -Name “ACSTokenSigningCert”

——————-

You can done the hard part if you get to this step. In these videos I was using LiveID as the authentication provider but you could use something else like Azure Active Directory as you can see in these posts.

https://organicax.com/2015/03/04/creating-a-new-azure-ad-identity-provider-in-azure-acs-and-use-with-ax2012-enterprise-portal/

https://organicax.com/2015/03/04/concepts-in-using-azure-ad-with-ax2012-enterprise-portal/

Good luck with it.

Cheers

Lachlan

One response to “Create and sign on to the Private portal – Part 6

  1. Pingback: Steps to configure Azure ACS claims Enterprise Portal | OrganicAX·

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s