New-SPTrustedIdentityTokenIssuer
在服务器场中创建标识提供程序。
语法
New-SPTrustedIdentityTokenIssuer
-ClaimsMappings <SPClaimMappingPipeBind[]>
-Description <String>
-IdentifierClaim <String>
-Name <String>
-Realm <String>
-SignInUrl <String>
[-AssignmentCollection <SPAssignmentCollection>]
[-ClaimProvider <SPClaimProviderPipeBind>]
[-ImportTrustCertificate <X509Certificate2>]
[-UseWReply]
[-Confirm]
[-RegisteredIssuerName <String>]
[-SignOutUrl <String>]
[-WhatIf]
[<CommonParameters>] New-SPTrustedIdentityTokenIssuer
-ClaimsMappings <SPClaimMappingPipeBind[]>
-Description <String>
-IdentifierClaim <String>
-Name <String>
-Realm <String>
-SignInUrl <String>
[-AssignmentCollection <SPAssignmentCollection>]
[-ClaimProvider <SPClaimProviderPipeBind>]
-MetadataEndPoint <Uri>
[-UseWReply]
[-Confirm]
[-SignOutUrl <String>]
[-WhatIf]
[<CommonParameters>] New-SPTrustedIdentityTokenIssuer
-Description <String>
-Name <String>
-Realm <String>
-SignInUrl <String>
[-AssignmentCollection <SPAssignmentCollection>]
[-ImportTrustCertificate <X509Certificate2>]
[-UseWReply]
[-Confirm]
[-IdentifierClaimIs <String>]
[-RegisteredIssuerName <String>]
[-SignOutUrl <String>]
[-UseDefaultConfiguration]
[-WhatIf]
[<CommonParameters>] 说明
cmdlet New-SPTrustedIdentityTokenIssuer 在场中创建标识提供者。
此对象仅为在 Web 应用程序中设置此类型的标识提供程序而创建,并仅用于此目的。
指定的声明类型不能为 NTLM、Classic NTLM、Negotiate 或 Classic Negotiate。
对于 ASP.NET 成员提供程序或角色提供程序,不会保留任何对象。
对于安全令牌服务 (STS) 标识提供程序,此 cmdlet 可在 SPFarm 对象中创建并保留标识提供程序对象。
有关适用于 SharePoint 产品的 Windows PowerShell 的权限和最新信息,请参阅 SharePoint Server cmdlet。
示例
------------------示例---------------------------
New-SPTrustedIdentityTokenIssuer -Name "LiveIDSTS" - Description "LiveID STS" -Certificate (Get-ChildItem "cert:Certificates (LocalComputer)\Personal\Certificates -Name "LiveID Cert") -SignInUrl https://int.contoso.com/ -IdentifierClaim "http://schemas.contoso.com/2007/05/Claims/Puid"此示例在名为 LiveIDSTS 的服务器场中创建新的标识提供程序。
参数
-AssignmentCollection
管理对象以便正确进行处理。 使用 SPWeb 或 SPSite 等对象可能会耗用大量内存,而且在 Windows PowerShell 脚本中使用这些对象需要正确管理内存。 通过使用 SPAssignment 对象,可以将对象分配给变量,然后在不需要这些对象时对它们进行处理,以释放内存。 在使用 SPWeb、SPSite 或 SPSiteAdministration 对象时,如果不使用分配集合或 Global 参数,则会自动处理这些对象。
使用全局参数时,所有对象均包含在全局存储中。
如果未立即使用对象,或未通过使用 Stop-SPAssignment 命令来处理对象,则可能会发生内存不足的情况。
| Type: | SPAssignmentCollection |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-ClaimProvider
指定可以解析和搜索声明人员选取器声明的 IP STS。
键入的值必须为 12345678-90ab-cdef-1234-567890bcdefgh 形式的有效 GUID;或标识提供程序的有效名称(例如,MyIDprovider1);或有效 SPIdentityProvider 对象的实例。
| Type: | SPClaimProviderPipeBind |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-ClaimsMappings
指定从原始令牌到 SharePoint 令牌的声明的映射。
键入的值必须是有效的 GUID(格式为 12345678-90ab-cdef-1234-567890bcdefgh);或是声明映射规则的有效名称(例如,Email)或有效的 SPClaimMapping 对象的实例。
| Type: | SPClaimMappingPipeBind[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-Confirm
提示你在运行 cmdlet 之前进行确认。
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-Description
指定新标识提供程序的说明。
键入的值必须为有效字符串;例如,LiveID STS。
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-IdentifierClaim
指定将对新标识提供程序使用受信任 STS 中的哪种声明类型。
键入的值必须是受信任 STS 中的有效声明类型;例如,http://schemas.microsoft.com/2007/05/Claims/Puid。
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-IdentifierClaimIs
指定哪个默认的映射声明应用作标识符声明。
只有 UseDefaultConfiguration 参数设置为 true 时,才能使用此参数,否则,使用 IdentifierClaim 参数。
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-ImportTrustCertificate
指定受信任的验证提供程序服务器场的 X.509 证书对象。
键入的值必须是有效的 X.509 证书名称;例如,Certificate1。
| Type: | X509Certificate2 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-MetadataEndPoint
指定受信任提供程序的元数据终结点的 URI。
| Type: | Uri |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-Name
指定新标识提供程序的名称。
键入的值必须为标识提供程序的有效名称;例如,LiveIDSTS。
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-Realm
指定与此信任关联的领域或资源分区。
键入的值必须为有效领域的名称;例如,MD_REALM。
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-RegisteredIssuerName
指定已注册的颁发者名称,而不是不使用元数据终结点。
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-SignInUrl
指定此受信任 STS 标识提供程序的登录 URL。
The type must be a valid URL, in the form https://int.live.com/.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-SignOutUrl
指定受信任提供程序的注销 URI。 这使 SharePoint 在用户从 SharePoint 注销后将用户从受信任提供程序中注销。
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-UseDefaultConfiguration
指定是否应使用默认的声明映射集。
UseDefaultConfiguration 参数必须与 IdentifierClaimIs 参数一起使用。
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-UseWReply
随令牌请求一起包含 WReply。
WReply 是信赖方的 URL,一旦注销处理完成,请求者就会重定向到该 URL。
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
-WhatIf
显示在 cmdlet 运行时发生的情况。 此 cmdlet 未运行。
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Server Subscription Edition |
反馈
即将发布:在整个 2024 年,我们将逐步淘汰作为内容反馈机制的“GitHub 问题”,并将其取代为新的反馈系统。 有关详细信息,请参阅:https://aka.ms/ContentUserFeedback。
提交和查看相关反馈