Our previous environment had the SharePoint 2013 Publishing Portal and the MySite site collection on the same web application.
What we did then was to create SPN for the SharePoint Application Pool Service Account and add it under the Delegation tab of the Web Application Proxy Server. After that, we configured Non-Claims Aware Rule for the SharePoint URL in ADFS and created an ADFS Authenticated Publishing Rule for SharePoint Portal in the WAP Server.
The SharePoint site was extended, and the extended site had its authentication changed from NTLM to Kerberos. Both SharePoint 2013 and MySite worked externally.
Currently, we have the following Separate Web Applications:
- SharePoint 2019 Communication Site Collection (extended with Kerberos authentication; ADFS Non-Claims Aware rule and WAP ADFS Authentication publishing rule created)
- MySite Host Site Collection
I want to publish MySite via ADFS and WAP (MySite is on another web application).
I have added the MySite SPNs to the application pool account that runs both the SharePoint Portal and MySite. I have also created a Non-Claims Aware rule for MySite in ADFS.
I have extended MySite with Kerberos authentication and have an external DNS record for the MySite host created, but do I have to create an ADFS Authenticated publishing rule for MySite in WAP? If I do this, would the user have to log in to another ADFS login page? Is this the right way, or should I just use a Passthrough rule?
I have used the following guide: http://www.sharepoint4developers.net/en-nz/post/wap-adfs-sp2013-kerberos.aspx (however, the WAP rule for MySite is not mentioned).
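The publishing chain the post describes (SPN, delegation, ADFS non-claims-aware trust, WAP rule) for the MySite host, as an added PowerShell example that is not from the original post or the linked guide. The hostname mysite.contoso.com, the account CONTOSO\svc_spapppool, the server WAP01 and the certificate thumbprint are placeholders; the comments mark which server each step runs on.

```powershell
# Added example (not from the original post or the linked guide). Placeholders:
# mysite.contoso.com = MySite host URL, CONTOSO\svc_spapppool = SharePoint app pool
# account, WAP01 = the Web Application Proxy server, <thumbprint> = external cert.

# 1. Domain-joined box: register the MySite host SPN on the app pool account.
setspn -S HTTP/mysite.contoso.com CONTOSO\svc_spapppool

# 2. Domain-joined box: let the WAP computer delegate to that SPN with protocol
#    transition (Kerberos constrained delegation). This is what turns an ADFS
#    pre-authentication into a Kerberos ticket for the SharePoint backend.
Get-ADComputer -Identity 'WAP01' |
    Set-ADComputer -Add @{ 'msDS-AllowedToDelegateTo' = 'HTTP/mysite.contoso.com' }
Set-ADAccountControl -Identity 'WAP01$' -TrustedToAuthForDelegation $true

# 3. ADFS server: non-claims-aware relying party for the MySite host.
Add-AdfsNonClaimsAwareRelyingPartyTrust -Name 'SharePoint MySite' `
    -Identifier 'https://mysite.contoso.com/' `
    -IssuanceAuthorizationRules '@RuleTemplate = "AllowAllAuthzRule" => issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");'

# 4. WAP server: ADFS pre-authenticated publishing rule for MySite.
#    -ADFSRelyingPartyName must match the trust name from step 3 and
#    -BackendServerAuthenticationSpn must match the SPN from step 1.
#    A browser that already holds an ADFS session from the portal rule is
#    normally not prompted again, since both rules redirect to the same ADFS.
Add-WebApplicationProxyApplication -Name 'SharePoint MySite' `
    -ExternalPreauthentication ADFS `
    -ADFSRelyingPartyName 'SharePoint MySite' `
    -ExternalUrl 'https://mysite.contoso.com/' `
    -ExternalCertificateThumbprint '<thumbprint>' `
    -BackendServerUrl 'https://mysite.contoso.com/' `
    -BackendServerAuthenticationSpn 'HTTP/mysite.contoso.com'

# For comparison, a PassThrough rule has no ADFS step and no SPN: WAP forwards
# every external request unauthenticated and SharePoint's own authentication
# has to handle it.
# Add-WebApplicationProxyApplication -Name 'MySite (passthrough)' `
#     -ExternalPreauthentication PassThrough `
#     -ExternalUrl 'https://mysite.contoso.com/' `
#     -ExternalCertificateThumbprint '<thumbprint>' `
#     -BackendServerUrl 'https://mysite.contoso.com/'

# 5. WAP server: confirm both published rules and their pre-authentication mode.
Get-WebApplicationProxyApplication |
    Format-Table Name, ExternalUrl, ExternalPreauthentication, ADFSRelyingPartyName
```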