SPTrustedIdentityTokenIssuerProviderRealms

dscbot edited this page Mar 17, 2023 · 10 revisions

Parameters

| Parameter | Attribute | DataType | Description | Allowed Values |
| --- | --- | --- | --- | --- |
| IssuerName | Key | String | Name of the SPTrustedIdentityTokenIssuer | |
| ProviderRealms | Write | MSFT_SPProviderRealm[] | Realms to set. Those not in this list will be removed | |
| ProviderRealmsToInclude | Write | MSFT_SPProviderRealm[] | Realms to add. Realms not in this list will be left | |
| ProviderRealmsToExclude | Write | MSFT_SPProviderRealm[] | Realms to remove. Realms not in this list will be left | |
| Ensure | Write | String | Present if the ProviderRealms should be created, or Absent if it should be removed | Present, Absent |

MSFT_SPProviderRealm

Parameters

| Parameter | Attribute | DataType | Description | Allowed Values |
| --- | --- | --- | --- | --- |
| RealmUrl | Key | String | Realm Url | |
| RealmUrn | Required | String | RealmUrn | |

Description

Type: Distributed

Requires CredSSP: No

This resource is used to add provider realms to, or remove them from, an SPTrustedIdentityTokenIssuer in a SharePoint farm. The "ProviderRealms" property sets a specific list of realms: every realm in the list is set, and any realm that is already configured but not in the list is removed. The "ProviderRealmsToInclude" and "ProviderRealmsToExclude" properties let you control a specific set of realms to add or remove without changing any other realms that are already set. Include and Exclude can be combined. RealmUrl is the key and should be unique; otherwise the existing RealmUrn value will be updated/replaced.
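
A dry-run model of the semantics described above, as an added example (not SharePointDsc code): given the realms currently configured and the values you plan to pass, it lists what each mode would add, update, remove or keep. `Resolve-ProviderRealmPlan`, the hashtable inputs and the sample realms are assumptions; matching is by RealmUrl only, and a URL listed in both Include and Exclude is reported as a conflict because the page does not say which one wins.

```powershell
# Added example, not SharePointDsc code. Resolve-ProviderRealmPlan is a hypothetical helper.
# Realm sets are hashtables: key = RealmUrl (the resource key), value = RealmUrn.
function Resolve-ProviderRealmPlan
{
    param
    (
        [Parameter(Mandatory = $true)] [hashtable] $Current,
        [hashtable] $ProviderRealms,
        [hashtable] $ProviderRealmsToInclude = @{},
        [hashtable] $ProviderRealmsToExclude = @{}
    )

    if ($PSBoundParameters.ContainsKey('ProviderRealms'))
    {
        # Exact-list mode: configured realms missing from the list are removed.
        $ProviderRealmsToInclude = $ProviderRealms
        $ProviderRealmsToExclude = @{}
        foreach ($url in $Current.Keys)
        {
            if (-not $ProviderRealms.ContainsKey($url)) { $ProviderRealmsToExclude[$url] = $Current[$url] }
        }
    }

    $urls = @($Current.Keys) + @($ProviderRealmsToInclude.Keys) + @($ProviderRealmsToExclude.Keys) |
        Sort-Object -Unique
    foreach ($url in $urls)
    {
        $inc = $ProviderRealmsToInclude.ContainsKey($url)
        $exc = $ProviderRealmsToExclude.ContainsKey($url)
        # Assumption: a URL in both lists is reported for review, since the page gives no order.
        $action = if ($inc -and $exc) { 'Conflict' }
        elseif ($exc -and $Current.ContainsKey($url)) { 'Remove' }
        elseif ($exc) { 'AlreadyAbsent' }
        elseif (-not $inc) { 'Keep' }
        elseif (-not $Current.ContainsKey($url)) { 'Add' }
        elseif ($Current[$url] -ne $ProviderRealmsToInclude[$url]) { 'UpdateUrn' }
        else { 'Keep' }
        [pscustomobject]@{ Action = $action; RealmUrl = $url; CurrentUrn = $Current[$url]; DesiredUrn = $ProviderRealmsToInclude[$url] }
    }
}

# Constructed sample state (not read from a farm).
$farmRealms = @{ 'https://search.contoso.com' = 'urn:sharepoint:contoso:search'; 'https://legacy.contoso.com' = 'urn:sharepoint:contoso:legacy' }
$desired = @{ 'https://search.contoso.com' = 'urn:sharepoint:contoso:search'; 'https://intranet.contoso.com' = 'urn:sharepoint:contoso:intranet' }
Resolve-ProviderRealmPlan -Current $farmRealms -ProviderRealms $desired | Format-Table
Resolve-ProviderRealmPlan -Current $farmRealms -ProviderRealmsToInclude $desired | Format-Table
```

Comparing the two tables before a deployment shows which realms exist only in the farm and would be dropped by the exact-list form.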

Examples

Example 1

This example adds provider realms to an existing trusted token issuer. Existing realms will be removed.

Configuration Example
{
    param
    (
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $SetupAccount
    )

    Import-DscResource -ModuleName SharePointDsc

    node localhost
    {
        $ProviderRealms = @()
        $ProviderRealms += MSFT_SPProviderRealm {
            RealmUrl = "https://search.contoso.com"
            RealmUrn = "urn:sharepoint:contoso:search"
        }

        $ProviderRealms += MSFT_SPProviderRealm {
            RealmUrl = "https://intranet.contoso.com"
            RealmUrn = "urn:sharepoint:contoso:intranet"
        }

        SPTrustedIdentityTokenIssuerProviderRealms Farm1OverwriteExample
        {
            IssuerName           = "Contoso"
            ProviderRealms       = $ProviderRealms
            Ensure               = "Present"
            PsDscRunAsCredential = $SetupAccount
        }
    }
}

Example 2

This example adds provider realms to an existing trusted token issuer. Existing realms are left in place and not removed.

Configuration Example
{
    param
    (
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $SetupAccount
    )

    Import-DscResource -ModuleName SharePointDsc

    node localhost
    {
        $ProviderRealmsToInclude = @()
        $ProviderRealmsToInclude += MSFT_SPProviderRealm {
            RealmUrl = "https://search.contoso.com"
            RealmUrn = "urn:sharepoint:contoso:search"
        }

        $ProviderRealmsToInclude += MSFT_SPProviderRealm {
            RealmUrl = "https://intranet.contoso.com"
            RealmUrn = "urn:sharepoint:contoso:intranet"
        }

        SPTrustedIdentityTokenIssuerProviderRealms Farm1IncludeExample
        {
            IssuerName              = "Contoso"
            ProviderRealmsToInclude = $ProviderRealmsToInclude
            Ensure                  = "Present"
            PsDscRunAsCredential    = $SetupAccount
        }
    }
}

Example 3

This example excludes provider realms from an existing trusted token issuer. Existing realms that are not excluded are left in place and not removed.

Configuration Example
{
    param
    (
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $SetupAccount
    )

    Import-DscResource -ModuleName SharePointDsc

    node localhost
    {
        $ProviderRealmsToExclude = @()
        $ProviderRealmsToExclude += MSFT_SPProviderRealm {
            RealmUrl = "https://search.contoso.com"
            RealmUrn = "urn:sharepoint:contoso:search"
        }

        $ProviderRealmsToExclude += MSFT_SPProviderRealm {
            RealmUrl = "https://intranet.contoso.com"
            RealmUrn = "urn:sharepoint:contoso:intranet"
        }

        SPTrustedIdentityTokenIssuerProviderRealms Farm1ExcludeExample
        {
            IssuerName               = "Contoso"
            ProviderRealmsToExclude  = $ProviderRealmsToExclude
            Ensure                   = "Present"
            PsDscRunAsCredential     = $SetupAccount
        }
    }
}

Example 4

This example includes and excludes provider realms on an existing trusted token issuer. Existing realms that are not excluded are left in place and not removed.

Configuration Example
{
    param
    (
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $SetupAccount
    )

    Import-DscResource -ModuleName SharePointDsc

    node localhost
    {
        $ProviderRealmsToInclude = @()
        $ProviderRealmsToInclude += MSFT_SPProviderRealm {
            RealmUrl = "https://search.contoso.com"
            RealmUrn = "urn:sharepoint:contoso:search"
        }

        $ProviderRealmsToInclude += MSFT_SPProviderRealm {
            RealmUrl = "https://intranet.contoso.com"
            RealmUrn = "urn:sharepoint:contoso:intranet"
        }

        $ProviderRealmsToExclude = @()
        $ProviderRealmsToExclude += MSFT_SPProviderRealm {
            RealmUrl = "https://search1.contoso.com"
            RealmUrn = "urn:sharepoint:contoso:search1"
        }

        $ProviderRealmsToExclude += MSFT_SPProviderRealm {
            RealmUrl = "https://intranet.contoso.com"
            RealmUrn = "urn:sharepoint:contoso:intranet"
        }

        SPTrustedIdentityTokenIssuerProviderRealms Farm1IncludeExcludeExample
        {
            IssuerName               = "Contoso"
            ProviderRealmsToInclude  = $ProviderRealmsToInclude
            ProviderRealmsToExclude  = $ProviderRealmsToExclude
            Ensure                   = "Present"
            PsDscRunAsCredential     = $SetupAccount
        }
    }
}