See all products »
Curah! curation service
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Microsoft Fix It Center
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
SharePoint serendipity is the effect by which one accidentally discovers something fortunate, especially while looking for something else entirely. In this case, it is the occassional musings, observations, and Ouija board readings about the phabulously
Office Web Apps
OneDrive for Business
Visual Studio 2010
Visual Studio 2012
Windows Phone 7
Windows Phone 8
Browse by Tags
Bug Alert for April CU and Migrating Users
Just heard about a nasty little bug in the April CU from my friend Syed. He was using the SPWebApplication.MigrateUsers method to migrate accounts from one claim value to another (i.e. like if you were migrating from Windows claims to SAML claims, or in his case, changing identity claim values). Turns...
3 Mar 2015
Signout With SharePoint 2013 and SAML
Today's topic is one for which I deserve zero credit, I'm just putting out info that one of our crack engineers, Chad Ray, managed to dig up. I wanted to publish it here because I've worked with and talked to so many folks in the past who have struggled with getting a truly complete signout...
15 Jan 2015
SAML in a Box - Inviting External Users to Your SharePoint Farm
Those of you who follow the Share-n-Dipity blog know that I don’t really do much in the way of product endorsements. However, you have probably also figured out that I’m a big SAML fan, so when a friend of mine recently released a new product for this market it really caught my eye. If you’ve...
10 Jun 2014
SAML Support for SharePoint-Hosted Apps with ADFS 3.0
This is another case where I'm just passing information along here, based on the great work of others. As you probably know, we did not have a good story for SharePoint-hosted apps in web application that uses SAML authentication with ADFS 2.0. However, I have had reports from a couple of different...
19 May 2014
Claim Type Exceptions with Custom Claims Providers in SharePoint 2013
This issue applies to SharePoint 2010 as well but...suppose you have created a custom claims provider and one of the things you want to do is to have some custom claim types that you use. What I mean by custom claim types is just that they are not one of the standard out of the box types like email,...
16 Apr 2014
More Info on an Old Friend - the Custom Claims Provider, Uri Parameters and EntityTypes in SharePoint 2013
Back to oldie but a goodie - the custom claims provider for SharePoint. I believe this applies to SharePoint 2010 as well but honestly I have only tested what I'm about to describe on SharePoint 2013 and don't have the bandwidth to go back and do a 2010 test as well. What I wanted to describe...
8 Apr 2014
Programmatically Adding A Trusted Identity Token Issuer to a Web Application Zone in SharePoint 2010 and 2013
Seems like I haven't had a chance to write a good SharePoint / SAML claims kind of article in a while. I was happily plugging away on some code this weekend for a scenario I haven't done before so I thought I would go ahead and post it here for the search engines. The whole topic in general has...
28 Feb 2014
Mapping User Profiles for SAML Users with an AD Import in SharePoint 2013
This is a topic that becomes very important in SharePoint 2013, and that is making sure you have a fully populated user profile application. In SharePoint 2013 the user profile system plays a critical role in the OAuth infrastructure, which is what allows certain trusted application scenarios to succeed...
8 Aug 2012
How To Add Additional Claims in ADFS 2.0 that can be Consumed in SharePoint 2010
Just a quick tip here to save you a little time in case you decide you want to add additional claims for your users in ADFS 2.0 and have them successfully consumed in SharePoint 2010. The key thing to remember is that SharePoint only supports SAML 1.x, so it requires that the claim type be in a very...
2 Apr 2011
Problems Resolving Claims Names in SharePoint 2010
I've seen this problem crop up a few times now so I thought I'd try and share in case you run across it and are trying to troubleshoot. I've seen cases where you can't get name resolution to work, like when you type in a name in the type-in control then click the resolve button. You may...
15 Nov 2010
Using ACS with the New Azure Web Sites
This is effectively just a "retweet" but I wanted to call this out because it was very helpful recently solving a problem in what I think is an important scenario - using ACS for federated identity management with an application hosted in the new Azure web sites. Vittorio Bertocci posted on...
29 Jan 2013
TrustedMissingIdentityClaimSource Error with Claims Auth in SharePoint 2010
I've seen this error happen a few times to myself and others so I thought I would share the likely culprit. The scenario is, you set up claims authentication in SharePoint 2010...and you're pretty sure you've configured everything correctly. :-) When you actually try and navigate to the site...
24 Sep 2010
Adding A Custom Claim to a Web App Policy via PowerShell in SharePoint 2010
I found this process to be much more difficult than anticipated, and then much easier than expected once done so I figured I would do a quick post on it. The task at hand was to add a custom claim to a web app policy via PowerShell. It all works simple enough via the central admin UI. Once you get into...
12 Nov 2010
Federated SAML Authentication with SharePoint 2010 and Azure Access Control Service Part 1
I had been looking at Windows Azure Access Control Service (ACS) with an interesting eye recently, thinking about some of the different integration options. There’s always lots of chatter about claims authentication with SharePoint 2010, and how to integrate ADFS, Windows Live, Facebook, etc. ACS...
5 May 2011
Access Denied with Claims Auth in Interim Build
For those of you who have access to one of the interim builds of SharePoint 2010, specifically 4730.1010, you will very likely find claims to be pretty much non-functional. Like after everything is set up and you hit the SharePoint site, you are taken to the page that says "you are signed in as Joe Blow...
13 Feb 2010
Federating SiteMinder and SharePoint 2010
Hey folks, I just wanted to let you know that CA SiteMinder and Microsoft folks have been working together to create a whitepaper that details how to federate identities between CA Federation Manager and SharePoint 2010. They have recently released this paper that describes in great detail how to do...
10 Jun 2011
Writing a Custom Claims Provider for SharePoint 2010 - Part 3: Searching Claims
In the first two parts in this series we've seen how to create a custom provider, do claims augmentation and register the provider, as well as how to add a hierarchy to the people picker. In this post we'll talk about how to implement searching for our claims in the people picker with our custom...
13 Mar 2010
Using the WHR Parameter with SharePoint 2010 and SAML Auth
I've seen lots of questions and confusion (and was a little lost myself for a bit) on the fixes in SharePoint 2010 SP1 + June CU to enable use of the WHR parameter. This does in fact work now but requires a couple of things: Configure the SPTrustedIdentityTokenIssuer The SPTrustedIdentityTokenIssuer...
15 Sep 2011
How to Override the Default Name Resolution and Claims Provider in SharePoint 2010
An issue that has frustrated a lot of folks since SharePoint 2007 and the WebSSO provider, and that continues today in SharePoint 2010 when using claims authentication with something like ADFS v2, is name resolution. Meaning that in most cases you can type in any random value you want into the search...
28 Apr 2010
SharePoint 2010 Claims Auth Login Stops at ADFS Authentication Page
I've had this happen a number of times and it always temporarily gets me gummed up so I thought I would describe this problem and resolution here because I'm sure others have seen it too. Assume you have configured a SharePoint web app to use SAML claims, and the IP-STS is ADFS 2.0. What I...
25 Feb 2011
Using Custom Claims in Web Application Policies in SharePoint 2010
Had kind of an interesting question that someone just asked me so I thought I would share the results here with everyone. The question was whether you could take a custom claim that is provided by augmentation via a custom claims provider, and use it as part of a web application policy that you create...
23 Aug 2010
Retrieving REST Data in a Claims Based Auth Site in SharePoint 2010
NOTE: This posting is a very small part of one section of a new whitepaper coming out on claims and SharePoint 2010. Look the whitepaper later this year or early next year. SharePoint 2010 provides the ability to retrieve list data through a REST interface. In this example I'll reuse the code...
25 Sep 2010
More Information on Adding and Changing Custom Claims Providers in SharePoint 2010
This is a topic that continues to generate swirl, because as soon as you make one change you may want to make another or remove a change you made. I've blogged about this topic before: http://blogs.technet.com/speschka/archive/2010/04/28/how-to-override-the-default-name-resolution-and-claims-provider...
2 Jun 2010
Configuring SharePoint to use a Specific Identity Provider in ADFS
In my previous posting ( http://blogs.technet.com/b/speschka/archive/2010/11/24/configuring-adfs-trusts-for-multiple-identity-providers-with-sharepoint-2010.aspx ), I explained how to configure trusts between two different ADFS servers. One example where this may be necessary is if you have one ADFS...
24 Nov 2010
The Claims, Azure and SharePoint Integration Toolkit Part 4
This is part 4 of a 5 part series on the CASI (Claims, Azure and SharePoint Integration) Kit. · Part 1 : an introductory overview of the entire framework and solution and described what the series is going to try and cover. · Part 2 : the guidance part of the CASI Kit. It starts with...
8 Nov 2010
© 2015 Microsoft Corporation.
Privacy & Cookies