ADFS

This reference provides command-line reference documentation for the IT professional of the Windows PowerShell cmdlets that you can use to deploy and administer Active Directory Federation Services (AD FS) in Windows Server.

adfs

Add-Adfs Attribute Store

Adds an attribute store to the Federation Service.

Add-Adfs Certificate

Adds a new certificate to AD FS for signing, decrypting, or securing communications.

Add-Adfs Claim Description

Adds a claim description to the Federation Service.

Add-Adfs Claims Provider Trust

Adds a new claims provider trust to the Federation Service.

Add-Adfs Claims Provider Trusts Group

Creates a claims provider trust group based on metadata that contains multiple entities.

Add-Adfs Client

Registers an OAuth 2.0 client with AD FS.

Add-Adfs Device Registration Upn Suffix

Adds a custom UPN suffix.

Add-Adfs Farm Node

Adds this computer to an existing federation server farm.

Add-Adfs Local Claims Provider Trust

Creates a local claims provider trust.

Add-Adfs Native Client Application

Adds a native client application role to an application in AD FS.

Add-Adfs Non Claims Aware Relying Party Trust

Adds a relying party trust that represents a non-claims-aware web application or service to the Federation Service.

Add-Adfs Relying Party Trust

Adds a new relying party trust to the Federation Service.

Add-Adfs Relying Party Trusts Group

Creates a relying party trusts group.

Add-Adfs Scope Description

Adds a scope description in AD FS.

Add-Adfs Server Application

Adds a server application role to an application in AD FS.

Add-Adfs Trusted Federation Partner

Adds configuration settings for trusted federation partners in AD FS.

Add-Adfs Web Api Application

Adds a Web API application role to an application in AD FS.

Add-Adfs Web Application Proxy Relying Party Trust

Adds a relying party trust for the Web Application Proxy.

Disable-Adfs Application Group

Disables an application group.

Disable-Adfs Certificate Authority

Disables a certificate authority.

Disable-Adfs Claims Provider Trust

Disables a claims provider trust in the Federation Service.

Disable-Adfs Client

Disables an OAuth 2.0 client that is currently registered with AD FS.

Disable-Adfs Device Registration

Marks the Device Registration Service as disabled on an AD FS server.

Disable-Adfs Endpoint

Disables an endpoint of AD FS.

Disable-Adfs Local Claims Provider Trust

Disables a local claims provider trust.

Disable-Adfs Non Claims Aware Relying Party Trust

Disables a relying party trust for a non-claims-aware web application or service from the Federation Service.

Disable-Adfs Relying Party Trust

Disables a relying party trust of the Federation Service.

Disable-Adfs Web Application Proxy Relying Party Trust

Disables the relying party trust for the Web Application Proxy.

Enable-Adfs Application Group

Enables an application group in AD FS.

Enable-Adfs Claims Provider Trust

Enables a claims provider trust in the Federation Service.

Enable-Adfs Client

Enables the use of an OAuth 2.0 client registration by AD FS.

Enable-Adfs Device Registration

This cmdlet has been deprecated.

Enable-Adfs Endpoint

Enables an endpoint in AD FS.

Enable-Adfs Local Claims Provider Trust

Enables a local claims provider trust.

Enable-Adfs Non Claims Aware Relying Party Trust

Enables a relying party trust for a non-claims-aware web application or service from the Federation Service.

Enable-Adfs Relying Party Trust

Enables a relying party trust of the Federation Service.

Enable-Adfs Web Application Proxy Relying Party Trust

Enables the relying party trust object for the Web Application Proxy.

Export-Adfs Authentication Provider Configuration Data

Returns a file containing the tenant ID for which the AD FS farm is configured for Azure MFA, as well as the well-known client ID for Azure MFA.

Export-Adfs Deployment SQLScript

Generates SQL scripts to create the AD FS database and to grant permissions.

Export-Adfs Web Content

Exports properties of all web content objects in a specific locale to a specified file.

Export-Adfs Web Theme

Exports a web theme to a folder.

Get-Adfs Access Control Policy

Gets an AD FS access control policy.

Get-Adfs Additional Authentication Rule

Retrieves the global rules that trigger additional authentication providers to be invoked.

Get-Adfs Application Group

Gets an application group.

Get-Adfs Application Permission

Gets permission for an application.

Get-Adfs Attribute Store

Gets the attribute stores of the Federation Service.

Get-Adfs Authentication Provider

Gets a list of all authentication providers in AD FS.

Get-Adfs Authentication Provider Web Content

Retrieves web content objects for authentication providers.

Get-Adfs Azure Mfa Configured

Gets whether Azure MFA is enabled.

Get-Adfs Certificate

Retrieves the certificates from AD FS.

Get-Adfs Certificate Authority

Gets a certificate authority.

Get-Adfs Claim Description

Gets claim descriptions from the Federation Service.

Get-Adfs Claims Provider Trust

Gets the claims provider trusts in the Federation Service.

Get-Adfs Claims Provider Trusts Group

Gets an AD FS claims provider trust group.

Get-Adfs Client

Retrieves registration information for an OAuth 2.0 client.

Get-Adfs Device Registration

Gets the administrative polices of the Device Registration Service.

Get-Adfs Device Registration Upn Suffix

Gets the UPN suffixes that can be used with device registration.

Get-Adfs Endpoint

Retrieves an endpoint in AD FS.

Get-Adfs Farm Information

Gets AD FS behavior level and farm node information.

Get-Adfs Global Authentication Policy

Displays the AD FS global policy.

Get-Adfs Global Web Content

Gets global web content objects.

Get-Adfs Local Claims Provider Trust

Gets local claims provider trusts.

Get-Adfs Native Client Application

Gets native client application roles from an application in AD FS.

Get-Adfs Non Claims Aware Relying Party Trust

Gets the properties of a relying party trust for a non-claims-aware web application or service.

Get-Adfs Properties

Gets all the associated properties for the AD FS service.

Get-Adfs Registration Hosts

The Get-AdfsRegistrationHosts cmdlet is deprecated.

Get-Adfs Relying Party Trust

Gets the relying party trusts of the Federation Service.

Get-Adfs Relying Party Trusts Group

Gets a relying party trust group.

Get-Adfs Relying Party Web Content

Gets web content objects for relying parties.

Get-Adfs Relying Party Web Theme

Gets properties of web themes applied to relying party trusts.

Get-Adfs Scope Description

Gets a description for a scope in AD FS.

Get-Adfs Server Application

Gets configuration settings for a server application role for an application in AD FS.

Get-Adfs Ssl Certificate

Gets the host name, port, and certificate hash for SSL bindings configured for AD FS and the device registration service.

Get-Adfs Sync Properties

Gets synchronization properties the configuration database of AD FS.

Get-Adfs Trusted Federation Partner

Gets a trusted federation partner in AD FS.

Get-Adfs Web Api Application

Gets Web API application roles in AD FS.

Get-Adfs Web Application Proxy Relying Party Trust

Gets the relying party trust object for the Web Application Proxy.

Get-Adfs Web Config

Gets AD FS web customization configuration settings.

Get-Adfs Web Theme

Gets web themes.

Grant-Adfs Application Permission

Grants application permission.

Import-Adfs Authentication Provider Configuration Data

Imports the custom configuration for an authentication provider.

Import-Adfs Web Content

Imports properties from a resource file into global and relying party web content objects.

Initialize-ADDevice Registration

Initializes the Device Registration Service configuration in the Active Directory forest.

Install-Adfs Farm

Creates the first node of a new federation server farm.

Invoke-Adfs Farm Behavior Level Raise

Raises the behavior level of a farm.

New-Adfs Access Control Policy

Creates an AD FS access control policy.

New-Adfs Application Group

Creates an application group.

New-Adfs Azure Mfa Tenant Certificate

Creates a certificate for the AD FS farm to use to connect to Azure MFA, or returns the currently configured certificate.

New-Adfs Claim Rule Set

Creates a set of claim rules.

New-Adfs Contact Person

Creates a contact person object.

New-Adfs Ldap Attribute ToClaim Mapping

Creates a mapping between an attribute of an LDAP folder and an AD FS claim type.

New-Adfs Ldap Server Connection

Creates a connection object.

New-Adfs Organization

Creates a new organization information object.

New-Adfs Saml Endpoint

Creates a SAML protocol endpoint object.

New-Adfs Web Theme

Creates an AD FS web theme.

Publish-Ssl Certificate

The Publish-SslCertificate cmdlet is deprecated.

Register-Adfs Authentication Provider

Registers an external authentication provider in AD FS.

Remove-Adfs Access Control Policy

Removes an AD FS access control policy.

Remove-Adfs Application Group

Removes an application group.

Remove-Adfs Attribute Store

Removes an attribute store from the Federation Service.

Remove-Adfs Authentication Provider Web Content

Removes web content customization of the authentication provider in the user sign-in web pages from AD FS.

Remove-Adfs Certificate

Removes a certificate from AD FS.

Remove-Adfs Claim Description

Removes a claim description from the Federation Service.

Remove-Adfs Claims Provider Trust

Removes a claims provider trust from the Federation Service.

Remove-Adfs Claims Provider Trusts Group

Removes an AD FS claims provider trust group.

Remove-Adfs Client

Deletes registration information for an OAuth 2.0 client that is currently registered with AD FS.

Remove-Adfs Device Registration Upn Suffix

Removes a custom UPN suffix.

Remove-Adfs Farm Node

The Remove-AdfsFarmNode cmdlet is deprecated.

Remove-Adfs Global Web Content

Removes a global web content object.

Remove-Adfs Local Claims Provider Trust

Removes a local claims provider trust.

Remove-Adfs Native Client Application

Removes a native client application role from an application in AD FS.

Remove-Adfs Non Claims Aware Relying Party Trust

Removes a relying party trust for a non-claims-aware web application or service from the Federation Service.

Remove-Adfs Relying Party Trust

Removes a relying party trust from the Federation Service.

Remove-Adfs Relying Party Trusts Group

Removes a relying party trusts group.

Remove-Adfs Relying Party Web Content

Removes a relying party web content object.

Remove-Adfs Relying Party Web Theme

Removes a web theme to a relying party.

Remove-Adfs Scope Description

Removes a scope description in AD FS.

Remove-Adfs Server Application

Removes a server application role from an application in AD FS.

Remove-Adfs Trusted Federation Partner

Removes a trusted federation partner in AD FS.

Remove-Adfs Web Api Application

Removes a Web API application role from an application in AD FS.

Remove-Adfs Web Application Proxy Relying Party Trust

Removes the relying party trust object for the Web Application Proxy.

Remove-Adfs Web Theme

Removes a web theme.

Restore-Adfs Farm Behavior Level

Restores the farm to a previous behavior level.

Revoke-Adfs Application Permission

Revokes permission for an application.

Revoke-Adfs Proxy Trust

Revokes trust for all federation server proxies configured for the Federation Service.

Set-Adfs Access Control Policy

Modifies an AD FS access control policy.

Set-Adfs Additional Authentication Rule

Sets the global rules that provide the trigger for additional authentication providers to be invoked.

Set-Adfs Alternate Tls Client Binding

Configures an existing AD FS deployment to use the same port for both device certificate and client certificate authentication.

Set-Adfs Application Group

Modifies an application group.

Set-Adfs Application Permission

Modifies application permissions.

Set-Adfs Attribute Store

Modifies properties of an attribute store.

Set-Adfs Authentication Provider Web Content

Modifies a display name and description.

Set-Adfs Azure Mfa Tenant

Enables an AD FS farm to use MFA.

Set-Adfs Cert Sharing Container

Sets the account that is used for sharing managed certificates in a federation server farm.

Set-Adfs Certificate

Sets the properties of an existing certificate that AD FS uses to sign, decrypt, or secure communications.

Set-Adfs Certificate Authority

Modifies a certificate authority.

Set-Adfs Claim Description

Modifies the properties of a claim description.

Set-Adfs Claims Provider Trust

Sets the properties of a claims provider trust.

Set-Adfs Client

Modifies registration settings for an OAuth 2.0 client registered with AD FS.

Set-Adfs Device Registration

Configures the administrative policies for the Device Registration Service.

Set-Adfs Device Registration Upn Suffix

Sets the list of UPN suffixes.

Set-Adfs Endpoint

Sets the endpoint on a Web Application Proxy.

Set-Adfs Farm Information

Removes a stale or offline farm node from the farm information table.

Set-Adfs Global Authentication Policy

Modifies the AD FS global policy.

Set-Adfs Global Web Content

Sets properties for global web content objects.

Set-Adfs Local Claims Provider Trust

Modifies a local claims provider trust.

Set-Adfs Native Client Application

Modifies configuration settings for a server native client application role of an application in AD FS.

Set-Adfs Non Claims Aware Relying Party Trust

Sets the properties of a relying party trust for a non-claims-aware web application or service.

Set-Adfs Properties

Sets the properties that control global behaviors in AD FS.

Set-Adfs Registration Hosts

The Set-AdfsRegistrationHosts cmdlet is deprecated.

Set-Adfs Relying Party Trust

Sets the properties of a relying party trust.

Set-Adfs Relying Party Web Content

Sets properties for the relying party web content objects.

Set-Adfs Relying Party Web Theme

Applies a web theme to a relying party.

Set-Adfs Scope Description

Modifies a scope description in AD FS.

Set-Adfs Server Application

Modifies configuration settings for a server application role of an application in AD FS.

Set-Adfs Ssl Certificate

Sets an SSL certificate for HTTPS bindings for AD FS.

Set-Adfs Sync Properties

Modifies the frequency of synchronization for the AD FS configuration database and which server is primary in the farm.

Set-Adfs Trusted Federation Partner

Modifies configuration settings for trusted federation partners in AD FS.

Set-Adfs Web Api Application

Modifies configuration settings for a Web API application in AD FS.

Set-Adfs Web Application Proxy Relying Party Trust

Modifies properties of the relying party trust object for the Web Application Proxy.

Set-Adfs Web Config

Modifies web customization configuration settings.

Set-Adfs Web Theme

Modifies properties of a web theme.

Test-Adfs Farm Behavior Level Raise

Tests whether you can raise the behavior level of a farm.

Test-Adfs Farm Behavior Level Restore

Tests whether you can restore an AD FS farm to a previous behavior level.

Test-Adfs Farm Installation

Runs prerequisite checks for installing a new federation server farm.

Test-Adfs Farm Join

Runs prerequisite checks for adding the server computer to a federation server farm.

Unregister-Adfs Authentication Provider

Deletes an external authentication provider from AD FS.

Update-Adfs Certificate

Updates the certificates of AD FS.

Update-Adfs Claims Provider Trust

Updates the claims provider trust from federation metadata.

Update-Adfs Relying Party Trust

Updates the relying party trust from federation metadata.