ADFS
This reference provides command-line reference documentation for the IT professional of the Windows PowerShell cmdlets that you can use to deploy and administer Active Directory Federation Services (AD FS) in Windows Server.
ADFS
| Add-AdfsAttributeStore |
Adds an attribute store to the Federation Service. |
| Add-AdfsCertificate |
Adds a new certificate to AD FS for signing, decrypting, or securing communications. |
| Add-AdfsClaimDescription |
Adds a claim description to the Federation Service. |
| Add-AdfsClaimsProviderTrust |
Adds a new claims provider trust to the Federation Service. |
| Add-AdfsClient |
Registers an OAuth 2.0 client with AD FS. |
| Add-AdfsDeviceRegistrationUpnSuffix |
Adds a custom UPN suffix. |
| Add-AdfsFarmNode |
Adds this computer to an existing federation server farm. |
| Add-AdfsNonClaimsAwareRelyingPartyTrust |
Adds a relying party trust that represents a non-claims-aware web application or service to the Federation Service. |
| Add-AdfsRelyingPartyTrust |
Adds a new relying party trust to the Federation Service. |
| Add-AdfsWebApplicationProxyRelyingPartyTrust |
Adds a relying party trust for the Web Application Proxy. |
| Disable-AdfsClaimsProviderTrust |
Disables a claims provider trust in the Federation Service. |
| Disable-AdfsClient |
Disables an OAuth 2.0 client that is currently registered with AD FS. |
| Disable-AdfsDeviceRegistration |
Marks the Device Registration Service as disabled on an AD FS server. |
| Disable-AdfsEndpoint |
Disables an endpoint of AD FS. |
| Disable-AdfsNonClaimsAwareRelyingPartyTrust |
Disables a relying party trust for a non-claims-aware web application or service from the Federation Service. |
| Disable-AdfsRelyingPartyTrust |
Disables a relying party trust of the Federation Service. |
| Disable-AdfsWebApplicationProxyRelyingPartyTrust |
Disables the relying party trust for the Web Application Proxy. |
| Enable-AdfsClaimsProviderTrust |
Enables a claims provider trust in the Federation Service. |
| Enable-AdfsClient |
Enables the use of an OAuth 2.0 client registration by AD FS. |
| Enable-AdfsDeviceRegistration |
Configures a server in an AD FS farm to host the Device Registration Service. |
| Enable-AdfsEndpoint |
Enables an endpoint in AD FS. |
| Enable-AdfsNonClaimsAwareRelyingPartyTrust |
Enables a relying party trust for a non-claims-aware web application or service from the Federation Service. |
| Enable-AdfsRelyingPartyTrust |
Enables a relying party trust of the Federation Service. |
| Enable-AdfsWebApplicationProxyRelyingPartyTrust |
Enables the relying party trust object for the Web Application Proxy. |
| Export-AdfsAuthenticationProviderConfigurationData |
Exports the custom configuration of an external authentication provider to a file. |
| Export-AdfsDeploymentSQLScript |
Generates SQL scripts to create the AD FS database and to grant permissions. |
| Export-AdfsWebContent |
Exports properties of all web content objects in a specific locale to a specified file. |
| Export-AdfsWebTheme |
Exports a web theme to a folder. |
| Get-AdfsAdditionalAuthenticationRule |
Retrieves the global rules that trigger additional authentication providers to be invoked. |
| Get-AdfsAttributeStore |
Gets the attribute stores of the Federation Service. |
| Get-AdfsAuthenticationProvider |
Gets a list of all authentication providers in AD FS. |
| Get-AdfsAuthenticationProviderWebContent |
Retrieves web content objects for authentication providers. |
| Get-AdfsCertificate |
Retrieves the certificates from AD FS. |
| Get-AdfsClaimDescription |
Gets claim descriptions from the Federation Service. |
| Get-AdfsClaimsProviderTrust |
Gets the claims provider trusts in the Federation Service. |
| Get-AdfsClient |
Retrieves registration information for an OAuth 2.0 client. |
| Get-AdfsDeviceRegistration |
Gets the administrative polices of the Device Registration Service. |
| Get-AdfsDeviceRegistrationUpnSuffix |
Gets the UPN suffixes that can be used with device registration. |
| Get-AdfsEndpoint |
Retrieves an endpoint in AD FS. |
| Get-AdfsGlobalAuthenticationPolicy |
Displays the AD FS global policy. |
| Get-AdfsGlobalWebContent |
Gets global web content objects. |
| Get-AdfsNonClaimsAwareRelyingPartyTrust |
Gets the properties of a relying party trust for a non-claims-aware web application or service. |
| Get-AdfsProperties |
Gets all the associated properties for the AD FS service. |
| Get-AdfsRegistrationHosts |
The Get-AdfsRegistrationHosts cmdlet is deprecated. Instead, use the Get-AdfsDeviceRegistrationUpnSuffix cmdlet. |
| Get-AdfsRelyingPartyTrust |
Gets the relying party trusts of the Federation Service. |
| Get-AdfsRelyingPartyWebContent |
Gets web content objects for relying parties. |
| Get-AdfsSslCertificate |
Gets the host name, port, and certificate hash for SSL bindings configured for AD FS and the device registration service. |
| Get-AdfsSyncProperties |
Gets synchronization properties the configuration database of AD FS. |
| Get-AdfsWebApplicationProxyRelyingPartyTrust |
Gets the relying party trust object for the Web Application Proxy. |
| Get-AdfsWebConfig |
Gets AD FS web customization configuration settings. |
| Get-AdfsWebTheme |
Gets web themes. |
| Import-AdfsAuthenticationProviderConfigurationData |
Imports the custom configuration for an authentication provider. |
| Import-AdfsWebContent |
Imports properties from a resource file into global and relying party web content objects. |
| Initialize-ADDeviceRegistration |
Initializes the Device Registration Service configuration in the Active Directory forest. |
| Install-AdfsFarm |
Creates the first node of a new federation server farm. |
| New-AdfsClaimRuleSet |
Creates a set of claim rules. |
| New-AdfsContactPerson |
Creates a contact person object. |
| New-AdfsOrganization |
Creates a new organization information object. |
| New-AdfsSamlEndpoint |
Creates a SAML protocol endpoint object. |
| New-AdfsWebTheme |
Creates an AD FS web theme. |
| Publish-SslCertificate |
The Publish-SslCertificate cmdlet is deprecated. Instead, use the Set-AdfsSslCertificate cmdlet. |
| Register-AdfsAuthenticationProvider |
Registers an external authentication provider in AD FS. |
| Remove-AdfsAttributeStore |
Removes an attribute store from the Federation Service. |
| Remove-AdfsAuthenticationProviderWebContent |
Removes web content customization of the authentication provider in the user sign-in web pages from AD FS. |
| Remove-AdfsCertificate |
Removes a certificate from AD FS. |
| Remove-AdfsClaimDescription |
Removes a claim description from the Federation Service. |
| Remove-AdfsClaimsProviderTrust |
Removes a claims provider trust from the Federation Service. |
| Remove-AdfsClient |
Deletes registration information for an OAuth 2.0 client that is currently registered with AD FS. |
| Remove-AdfsDeviceRegistrationUpnSuffix |
Removes a custom UPN suffix. |
| Remove-AdfsFarmNode |
The Remove-AdfsFarmNode cmdlet is deprecated. Instead, use the Uninstall-WindowsFeature cmdlet. |
| Remove-AdfsGlobalWebContent |
Removes a global web content object. |
| Remove-AdfsNonClaimsAwareRelyingPartyTrust |
Removes a relying party trust for a non-claims-aware web application or service from the Federation Service. |
| Remove-AdfsRelyingPartyTrust |
Removes a relying party trust from the Federation Service. |
| Remove-AdfsRelyingPartyWebContent |
Removes a relying party web content object. |
| Remove-AdfsWebApplicationProxyRelyingPartyTrust |
Removes the relying party trust object for the Web Application Proxy. |
| Remove-AdfsWebTheme |
Removes a web theme. |
| Revoke-AdfsProxyTrust |
Revokes trust for all adfs2_fsp configured for the Federation Service. |
| Set-AdfsAdditionalAuthenticationRule |
Sets the global rules that provide the trigger for additional authentication providers to be invoked. |
| Set-AdfsAttributeStore |
Modifies properties of an attribute store. |
| Set-AdfsAuthenticationProviderWebContent |
Modifies a display name and description. |
| Set-AdfsCertificate |
Sets the properties of an existing certificate that AD FS uses to sign, decrypt, or secure communications. |
| Set-AdfsCertSharingContainer |
Sets the account that is used for sharing managed certificates in a federation server farm. |
| Set-AdfsClaimDescription |
Modifies the properties of a claim description. |
| Set-AdfsClaimsProviderTrust |
Sets the properties of a claims provider trust. |
| Set-AdfsClient |
Modifies registration settings for an OAuth 2.0 client registered with AD FS. |
| Set-AdfsDeviceRegistration |
Configures the administrative policies for the Device Registration Service. |
| Set-AdfsDeviceRegistrationUpnSuffix |
Sets the list of UPN suffixes. |
| Set-AdfsEndpoint |
Sets the endpoint on a Web Application Proxy. |
| Set-AdfsGlobalAuthenticationPolicy |
Modifies the AD FS global policy. |
| Set-AdfsGlobalWebContent |
Sets properties for global web content objects. |
| Set-AdfsNonClaimsAwareRelyingPartyTrust |
Sets the properties of a relying party trust for a non-claims-aware web application or service. |
| Set-AdfsProperties |
Sets the properties that control global behaviors in AD FS. |
| Set-AdfsRegistrationHosts |
The Set-AdfsRegistrationHosts cmdlet is deprecated. Instead, use the Set-AdfsDeviceRegistrationUpnSuffix cmdlet. |
| Set-AdfsRelyingPartyTrust |
Sets the properties of a relying party trust. |
| Set-AdfsRelyingPartyWebContent |
Sets properties for the relying party web content objects. |
| Set-AdfsSslCertificate |
Sets an SSL certificate for HTTPS bindings for AD FS and the device registration service. |
| Set-AdfsSyncProperties |
Modifies the frequency of synchronization for the AD FS configuration database and which server is primary in the farm. |
| Set-AdfsWebApplicationProxyRelyingPartyTrust |
Modifies properties of the relying party trust object for the Web Application Proxy. |
| Set-AdfsWebConfig |
Modifies web customization configuration settings. |
| Set-AdfsWebTheme |
Modifies properties of a web theme. |
| Test-AdfsFarmInstallation |
Runs prerequisite checks for installing a new federation server farm. |
| Test-AdfsFarmJoin |
Runs prerequisite checks for adding the server computer to a federation server farm. |
| Unregister-AdfsAuthenticationProvider |
Deletes an external authentication provider from AD FS. |
| Update-AdfsCertificate |
Updates the certificates of AD FS. |
| Update-AdfsClaimsProviderTrust |
Updates the claims provider trust from federation metadata. |
| Update-AdfsRelyingPartyTrust |
Updates the relying party trust from federation metadata. |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for