ADFederationService object
The ADFederationService object can be used to manage Active Directory Federation Services (ADFS) support. ADFS is a component available beginning with Windows Server 2003 R2 that enables a user to access multiple web applications during the life of a single online session. Using ADFS, organizations can share user identity within an organization and across federated organizations so that the users can access ADFS-configured resources. If ADFS is installed and enabled, an AD RMS server can grant content access to federated users. You can retrieve this object by calling the ADFederationService property on the TrustPolicy object.
Members
The ADFederationService object has these types of members:
Properties
The ADFederationService object has these properties.
Property | Description |
---|---|
Enabled |
Specifies or retrieves a Boolean value that indicates whether ADFS trust is enabled. |
IsProxyEmailAddressesAllowed |
Specifies or retrieves a Boolean value that indicates whether proxy email addresses can be used to identify users. |
IsSupported |
Retrieves a Boolean value that specifies whether the Active Directory Federation Services (ADFS) component and the external and internal certification services are installed. |
RightsAccountCertificateRequestUrl |
Specifies or retrieves the URL of a website from which a rights account certificate for a federated user can be requested. |
ValidityPeriodInDays |
Specifies or retrieves the number of days for which a rights account certificate is valid. |
Examples
DIM config_manager
DIM admin_role
' *******************************************************************
' Create and initialize a ConfigurationManager object.
SUB InitObject()
CALL WScript.Echo( "Create ConfigurationManager object...")
SET config_manager = CreateObject _
("Microsoft.RightsManagementServices.Admin.ConfigurationManager")
CheckError()
CALL WScript.Echo( "Initialize...")
admin_role=config_manager.Initialize(false,"localhost",80,"","","")
CheckError()
END SUB
' *******************************************************************
' Specify ADFS information.
SUB SetADFS()
DIM objADFS
SET objADFS = _
config_manager.Enterprise.TrustPolicy.ADFederationService
CheckError()
IF objADFS.IsSupported = TRUE THEN
objADFS.Enabled = true
CheckError()
objADFS.ValidityPeriodInDays = 10
CheckError()
objADFS.RightsAccountCertificateRequestUrl = _
"https://www.example.com"
CheckError()
objADFS.IsProxyEmailAddressesAllowed = TRUE
CheckError()
END IF
END SUB
' *******************************************************************
' Error checking function.
FUNCTION CheckError()
CheckError = Err.number
IF Err.number <> 0 THEN
CALL WScript.Echo( vbTab & "*****Error Number: " _
& Err.number _
& " Desc:" _
& Err.Description _
& "*****")
WScript.StdErr.Write(Err.Description)
WScript.Quit( Err.number )
END IF
END FUNCTION
' *******************************************************************
' Generate a runtime error.
SUB RaiseError(errId, desc)
CALL Err.Raise( errId, "", desc )
CheckError()
END SUB
Requirements
Minimum supported client |
None supported |
Minimum supported server |
Windows Server 2008 |
Assembly |
|