Activate ADFS 3 Authentication Web.config

1. Add the entries in configuration/configSections

<configSections>
 <section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
 <section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</configSections>

2. Add in configuration/system.web

<authorization>
 <deny users="?" />
</authorization>
<authentication mode="None" />

3. Add in configuration/system.webServer/modules

<add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
<add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />

4. Add in Configuration

<system.identityModel>
 <identityConfiguration>
  <audienceUris>
   <add value="RelyingPartyIdentifier" />
  </audienceUris>
  <securityTokenHandlers>
   <add type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
   <remove type="System.IdentityModel.Tokens.SessionSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
  </securityTokenHandlers>
  <certificateValidation certificateValidationMode="None" />
  <issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
   <trustedIssuers>
    <add thumbprint="thumbprint-Certificate" name="servernametrust" />
   </trustedIssuers>
  </issuerNameRegistry>
 </identityConfiguration>
</system.identityModel>

To find the relying party identifier:
1. Open “ADFS Manager”
2. Go to “Trust Relationships” –> “Relying party”
3. Right-click the relying party and click “Properties”
4. In “Identifiers” you will find the relying party identifier

servernametrust is “http://adress_adfs/adfs/services/trust”

To find the thumbprint:
1. Navigate to “Services” –> “Certificates” –> select your token-signing certificate –> click “View Certificate”

5. Add in Configuration

<system.identityModel.services>
 <federationConfiguration>
  <cookieHandler requireSsl="true" name="" />
  <wsFederation passiveRedirectEnabled="true" issuer="ADFS_Server" realm="RelyingPartyIdentifier" reply="replyAdress" requireHttps="true" />
 </federationConfiguration>
</system.identityModel.services>

 

ADFS_Server: https://servername/adfs/ls

replyAdress: the address to reply to

6. Relying party endpoint

For this to work, you must add your application address to the list of relying party endpoints:

1. Open “ADFS Manager”
2. Go to “Trust Relationships” –> “Relying party”
3. Right-click the relying party and click “Properties”
4. Navigate to “Endpoints”
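
The settings from steps 4 and 5 can be checked mechanically before the web.config is deployed. The PowerShell below is an added example, not part of the original post; Test-WifConfig is a hypothetical helper name, and the sample web.config with its example.test addresses and thumbprint is constructed for illustration.

```powershell
# Added example. The web.config below is constructed sample data; for a real
# file use: [xml]$cfg = Get-Content 'C:\path\to\web.config'
[xml]$cfg = @'
<configuration>
 <system.identityModel><identityConfiguration>
  <audienceUris><add value="urn:sample:app" /></audienceUris>
  <certificateValidation certificateValidationMode="None" />
  <issuerNameRegistry><trustedIssuers>
   <add thumbprint="A1 B2 C3 D4 E5 F6 07 18 29 3A 4B 5C 6D 7E 8F 90 A1 B2 C3 D4" name="http://adfs.example.test/adfs/services/trust" />
  </trustedIssuers></issuerNameRegistry>
 </identityConfiguration></system.identityModel>
 <system.identityModel.services><federationConfiguration>
  <cookieHandler requireSsl="false" />
  <wsFederation passiveRedirectEnabled="true" issuer="http://adfs.example.test/adfs/ls" realm="https://app.example.test/" requireHttps="true" />
 </federationConfiguration></system.identityModel.services>
</configuration>
'@

# Hypothetical helper: returns one string per setting that departs from steps 4 and 5.
function Test-WifConfig([xml]$Config) {
    $findings = @()
    # A thumbprint pasted from the certificate dialog often carries spaces or an
    # invisible character; it then matches no trusted issuer.
    foreach ($i in $Config.SelectNodes('//issuerNameRegistry/trustedIssuers/add')) {
        if ($i.GetAttribute('thumbprint') -notmatch '^[0-9A-F]{40}$') {
            $findings += "trustedIssuers: thumbprint for '$($i.GetAttribute('name'))' is not 40 hex characters"
        }
    }
    $ws     = $Config.SelectSingleNode('//federationConfiguration/wsFederation')
    $cookie = $Config.SelectSingleNode('//federationConfiguration/cookieHandler')
    if ($null -eq $ws -or $null -eq $cookie) { return $findings + 'federationConfiguration: wsFederation or cookieHandler is missing' }
    # The realm sent to AD FS must be one of the audiences the application accepts.
    $audiences = @($Config.SelectNodes('//audienceUris/add') | ForEach-Object { $_.GetAttribute('value') })
    if ($audiences -notcontains $ws.GetAttribute('realm')) {
        $findings += "wsFederation: realm '$($ws.GetAttribute('realm'))' is not listed in audienceUris"
    }
    if ($ws.GetAttribute('issuer') -notlike 'https://*') { $findings += 'wsFederation: issuer is not an https:// URL' }
    if ($ws.GetAttribute('requireHttps') -ne 'true')     { $findings += 'wsFederation: requireHttps is not true' }
    if ($cookie.GetAttribute('requireSsl') -ne 'true')   { $findings += 'cookieHandler: requireSsl is not true, so the session cookie may travel over HTTP' }
    # With mode None the certificate chain is not checked; the pinned thumbprint is the only trust anchor.
    $cv = $Config.SelectSingleNode('//certificateValidation')
    if ($null -ne $cv -and $cv.GetAttribute('certificateValidationMode') -eq 'None') {
        $findings += 'certificateValidation: None, trust rests only on the trustedIssuers thumbprint'
    }
    return $findings
}

Test-WifConfig $cfg
```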

 

 

 

 


Create WebConfigModification PowerShell

SPWebConfigModification lets you modify the web.config of a web application. The modification is saved in the configuration database and is applied when you call the ApplyWebConfigModifications method of the SPWebService class (Microsoft.SharePoint.Administration).

To create a WebConfigModification

Add-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue
# Change the URL to that of your web application
$webApp = Get-SPWebApplication -Identity "http://win-o2tqsp5voae:21288/"

$bindig = New-Object "Microsoft.SharePoint.Administration.SPWebConfigModification"
# The path that identifies the parent of the new node
$bindig.Path = "configuration/system.serviceModel/bindings/basicHttpBinding"
# The name is what SharePoint uses to find the node again, so it matters for
# deletion and must be unique. The format is: tagName[@name='Name']
$bindig.Name = "binding[@name='MyBinding']"
$bindig.Sequence = 0
# The type of modification: 0 = EnsureChildNode
$bindig.Type = 0
# The owner of the modification
$bindig.Owner = "MyWebConfigOwner"
# The XML of the node to create. It must not be empty and must match Name;
# a minimal element is shown here, add your own binding attributes.
$bindig.Value = "<binding name='MyBinding' />"
$webApp.WebConfigModifications.Add($bindig)

$webApp.Update()
$webApp.Parent.ApplyWebConfigModifications()

To delete a WebConfigModification

Add-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue

# Web application URL
$webapp = Get-SPWebApplication -Identity "http://win-o2tqsp5voae:21288/"

# Collect all WebConfigModifications that belong to the owner
$Modification = $webapp.WebConfigModifications | ? { $_.Owner -eq "MyWebConfigOwner" }

if ($null -ne $Modification) {
    Write-Host "Deleting existing entries"

    foreach ($mod in $Modification) {
        $webapp.WebConfigModifications.Remove($mod)
    }
    $webapp.Update()
    $webapp.Parent.ApplyWebConfigModifications()
    Write-Host "Complete"
}
else {
    Write-Host "no Item"
}

Bing Maps- geolocation column

1. Bing Maps overview

This feature was integrated in SharePoint 2013 (and is available automatically in SharePoint Online). It is based on the Bing Maps service: https://www.bingmapsportal.com/ISDK/AjaxV7#CreateMap1.

Essentially, there is a hidden field type, “Geolocation”, that wraps the calls to the map service and shows the data in the list. We can also create a view of type Map.

 

Add item:

Display Item

Create Map view

2. Installation

In SharePoint Online this column already exists.

In SharePoint on-premises we need:
-A Bing Maps key
-SQLSysClrTypes.msi installed on all front-end servers

To set the Bing Maps key, open "SharePoint Management Shell" and execute:
Set-SPBingMapsKey -BingKey $key
To add the column to a list:
$web=Get-SPWeb($urlSite)
$list=$web.Lists[$listTitle]
$list.Fields.AddFieldAsXml("<Field Type='Geolocation' DisplayName='Location' />",
$true,[Microsoft.SharePoint.SPAddFieldOptions]::Default)
# Release the SPWeb object when done
$web.Dispose()

 

 

 


send Mails sp.js

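// Create the namespace if the page has not defined it yet
var Utilities = Utilities || {};

// Sends a mail through the REST endpoint SP.Utilities.Utility.SendEmail
Utilities.SendMail = function (from, to, body, subject, success, error) {
    // Get the relative URL of the site; strip a trailing "/" so that a root
    // site ("/") does not produce "//_api/...", which the browser would read
    // as a protocol-relative URL
    var siteurl = _spPageContextInfo.webServerRelativeUrl.replace(/\/$/, "");
    var urlTemplate = siteurl + "/_api/SP.Utilities.Utility.SendEmail";
    $.ajax({
        contentType: 'application/json',
        url: urlTemplate,
        type: "POST",
        data: JSON.stringify({
            'properties': {
                '__metadata': {
                    'type': 'SP.Utilities.EmailProperties'
                },
                'From': from,
                'To': {
                    'results': [to]
                },
                'Body': body,
                'Subject': subject
            }
        }),
        headers: {
            "Accept": "application/json;odata=verbose",
            "content-type": "application/json;odata=verbose",
            // Form digest of the current page, required for POST requests
            "X-RequestDigest": jQuery("#__REQUESTDIGEST").val()
        },
        success: success,
        error: error
    });
};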

Permissions list

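// titleList, the group-name variables Gr_Owner, Gr_PPM_Corportate and
// Gr_PPM_Network, and the SuccessMessage and ErrorCall callbacks are
// expected to be defined by the calling code.
var context = SP.ClientContext.get_current();
var web = context.get_web();
var groupCollection = web.get_siteGroups();

var list = web.get_lists().getByTitle(titleList);

// copyRoleAssignments = false: do not copy the inherited permissions
// clearSubscopes = true: reset unique permissions on the items of the list
list.breakRoleInheritance(false, true);

// One binding collection per permission level
var roleDefBindingAdmin = SP.RoleDefinitionBindingCollection.newObject(context);
roleDefBindingAdmin.add(web.get_roleDefinitions().getByType(SP.RoleType.administrator));

var roleDefBindingColl = SP.RoleDefinitionBindingCollection.newObject(context);
roleDefBindingColl.add(web.get_roleDefinitions().getByType(SP.RoleType.contributor));

var roleDefBindingRead = SP.RoleDefinitionBindingCollection.newObject(context);
roleDefBindingRead.add(web.get_roleDefinitions().getByType(SP.RoleType.reader));

// Assign each group its permission level on the list
list.get_roleAssignments().add(groupCollection.getByName(Gr_Owner), roleDefBindingAdmin);
list.get_roleAssignments().add(groupCollection.getByName(Gr_PPM_Corportate), roleDefBindingColl);
list.get_roleAssignments().add(groupCollection.getByName(Gr_PPM_Network), roleDefBindingRead);

context.executeQueryAsync(function () {
    SuccessMessage('permissions of list <strong>' + titleList + '</strong> was updated');
}, ErrorCall);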

Imports CSV

Import CSV files intelligently into a SharePoint list. The file can be exported from another list with Microsoft Excel and used directly in the app.

1. Set the import parameters (the parameters are pre-configured according to the site language)

-Ignore a line if it contains more or fewer columns

-Ignore lines that contain format errors

-Choose the option used to search users (mails, login, mails)

-Choose the date format

-Choose the Boolean value (yes/no, true/false, 1/0)

-Choose the encoding

2. Mapping the columns

Map the columns of the list to the columns of the file. By default the app searches intelligently for the correspondence.

3. Overview

The app shows the result of the import before the upload. It also shows the alerts and messages: number not valid, URL not valid, user does not exist, line contains more columns.

4. After importing items, you

 

https://store.office.com/en-001/app.aspx?assetid=WA104379900&sourcecorrid=53a3dc6b-0550-498f-b428-ecc1c61f158c&searchapppos=3&ui=en-US&rs=en-001&ad=US&appredirect=false


SharePoint Rules Permissions

Management rule permission is a feature for SharePoint 2010/2013 that allows users to manage permissions in a dynamic way.
The feature allows the list administrator to define permission rules that apply when a list item is added or updated.
Rules can be based on the properties of the list or on properties of the User Profile Service.

Example:
For each task added or changed, assign these permissions to the item:
Assigned To: Contribute
Manager of Assigned To: Read
Group Manager: Full Control

The application is bilingual: English and French.

 

http://permissionmanagement.codeplex.com/
