New-SPTrustedIdentityTokenIssuer

參考

模組:: SharePointServer

適用於:: SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

在伺服器陣列中建立身分識別提供者。

Syntax

New-SPTrustedIdentityTokenIssuer
   -ClaimsMappings <SPClaimMappingPipeBind[]>
   -Description <String>
   -IdentifierClaim <String>
   -Name <String>
   -Realm <String>
   -SignInUrl <String>
   [-AssignmentCollection <SPAssignmentCollection>]
   [-ClaimProvider <SPClaimProviderPipeBind>]
   [-ImportTrustCertificate <X509Certificate2>]
   [-UseWReply]
   [-Confirm]
   [-RegisteredIssuerName <String>]
   [-SignOutUrl <String>]
   [-WhatIf]
   [<CommonParameters>]

New-SPTrustedIdentityTokenIssuer
   -ClaimsMappings <SPClaimMappingPipeBind[]>
   -Description <String>
   -IdentifierClaim <String>
   -Name <String>
   -Realm <String>
   -SignInUrl <String>
   [-AssignmentCollection <SPAssignmentCollection>]
   [-ClaimProvider <SPClaimProviderPipeBind>]
   -MetadataEndPoint <Uri>
   [-UseWReply]
   [-Confirm]
   [-SignOutUrl <String>]
   [-WhatIf]
   [<CommonParameters>]

New-SPTrustedIdentityTokenIssuer
   -Description <String>
   -Name <String>
   -Realm <String>
   -SignInUrl <String>
   [-AssignmentCollection <SPAssignmentCollection>]
   [-ImportTrustCertificate <X509Certificate2>]
   [-UseWReply]
   [-Confirm]
   [-IdentifierClaimIs <String>]
   [-RegisteredIssuerName <String>]
   [-SignOutUrl <String>]
   [-UseDefaultConfiguration]
   [-WhatIf]
   [<CommonParameters>]

Description

Cmdlet New-SPTrustedIdentityTokenIssuer 會在伺服器陣列中建立識別提供者。此物件的建立目的與用途，僅為在 Web 應用程式中設定此類型的身分識別提供者。指定的宣告類型不得為 NTLM、Classic NTLM、Negotiate 或 Classic Negotiate。至於 ASP.NET 成員資格提供者或角色提供者，則不保留任何物件。但對於安全性權杖服務 (STS) 身分識別提供者，此 cmdlet 會在 SPFarm 物件中建立並保留身分識別提供者。

如需適用於 SharePoint 產品的 Windows PowerShell 權限及最新資訊，請參閱線上文件 SharePoint Server Cmdlet。

範例

----------------------- 範例 ---------------------------

New-SPTrustedIdentityTokenIssuer -Name "LiveIDSTS" - Description "LiveID STS" -Certificate (Get-ChildItem "cert:Certificates (LocalComputer)\Personal\Certificates -Name "LiveID Cert") -SignInUrl https://int.contoso.com/ -IdentifierClaim "http://schemas.contoso.com/2007/05/Claims/Puid"

此範例會在伺服器陣列 LiveIDSTS 中建立新的身分識別提供者。

參數

-AssignmentCollection

管理物件以適當處置它們。使用 SPWeb 或 SPSite 等物件可能會耗用大量的記憶體，因此在 Windows PowerShell 指令碼中使用這些物件時，必須適當地管理記憶體。您可以使用 SPAssignment 物件將物件指派給變數，並在不需要時處置這些物件，以釋放記憶體。使用 SPWeb、SPSite 或 SPSiteAdministration 物件時，若未使用指派集合或 Global 參數，將會自動處置這些物件。

使用 Global 參數時，所有物件會包含在全域儲存區內。如果不立即使用物件，或使用 Stop-SPAssignment 命令加以捨棄，則可能會有記憶體不足的狀況發生。

Type:	SPAssignmentCollection
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	True
Accept wildcard characters:	False
Applies to:	SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-ClaimProvider

指定 IP STS 可用解析及搜尋宣告人員挑選器的宣告。

此類型必須是格式為 12345678-90ab-cdef-1234-567890bcdefgh 的有效 GUID；有效的識別身分提供者名稱 (例如 MyIDprovider1)；或有效之 SPIdentityProvider 物件的執行個體。

Type:	SPClaimProviderPipeBind
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-ClaimsMappings

指定將宣告從原始的 Token 對應至 SharePoint 的 Token。

此類型必須是格式為 12345678-90ab-cdef-1234-567890bcdefgh 的有效 GUID、有效的宣告對應規則 (例如 Email)，或有效的 SPClaimMapping 物件執行個體。

Type:	SPClaimMappingPipeBind[]
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-Confirm

執行 Cmdlet 之前提示您確認。

Type:	SwitchParameter
Aliases:	cf
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-Description

指定新身分識別提供者的說明。

此類型必須是有效的字串，例如 LiveID STS。

Type:	String
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-IdentifierClaim

指定要用於新身分識別提供者，來自信任的 STS 的宣告類型。

此類型必須是來自信任的 STS 的有效宣告類型，例如 http://schemas.microsoft.com/2007/05/Claims/Puid。

Type:	String
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-IdentifierClaimIs

指定應當作識別項宣告的預設對應宣告。

只有在 UseDefaultConfiguration 參數設為 true 時使用，否則會使用 IdentifierClaim 參數。

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-ImportTrustCertificate

指定來自受信任驗證提供者伺服器陣列的 X.509 憑證物件。

此類型必須是有效的 X.509 憑證名稱，例如 Certificate1。

Type:	X509Certificate2
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-MetadataEndPoint

指定信任提供者的中繼資料端點 URI。

Type:	Uri
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-Name

指定新身分識別提供者的名稱。

此類型必須是有效的身分識別提供者名稱，例如 LiveIDSTS。

Type:	String
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-Realm

指定與此信任相關的領域或資源分割區。

此類型必須是有效的領域名稱，例如 MD_REALM。

Type:	String
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-RegisteredIssuerName

指定已註冊的簽發者名稱，而不是使用中繼資料端點。

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-SignInUrl

指定此信任的 STS 身分識別提供者的登入 URL。

此類型必須是格式為 https://int.live.com/ 的有效 URL。

Type:	String
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-SignOutUrl

指定信任提供者的登出 URI。當使用者從 SharePoint 登出時，這可讓 SharePoint 從信任提供者登出使用者。

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SSharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-UseDefaultConfiguration

指定是否應該使用預設的宣告對應集合。

如果使用 UseDefaultConfiguration 參數，則必須使用 IdentifierClaimIs 參數。

Type:	SwitchParameter
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-UseWReply

包含具有 Token 要求的 WReply。

WReply 是信賴憑證者端的 URL，一旦登出處理完成，就會將要求者重新導向至該憑證者。

Type:	SwitchParameter
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

-WhatIf

顯示執行 Cmdlet 時會發生什麼情況。未執行 Cmdlet。

Type:	SwitchParameter
Aliases:	wi
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	SharePoint Server 2010, SharePoint Server 2013, SharePoint Server 2016, SharePoint Server 2019

共用方式為