Test-AdfsFarmInstallation
Test-AdfsFarmInstallation is accessible with the help of adfs module. To install adfs on your system please refer to this adfs.
Synopsis
Runs prerequisite checks for installing a new federation server farm.
Description
The Test-AdfsFarmInstallation cmdlet performs the checks that you must complete before you run the Install-AdfsFarm cmdlet to install a new federation server farm.
Parameters
-AdminConfiguration
Specifies admin configuration.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-CertificateThumbprint <String>
Specifies the value of the thumbprint of the certificate that the Secure Sockets Layer (SSL) binding of the default website uses in Internet Information Services (IIS). This value must match the thumbprint of a valid certificate in the certificate store of the local computer.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-Credential <PSCredential>
Specifies a PSCredential object based on a user name and password. To obtain a PSCredential object, use the Get-Credential cmdlet. For more information, type Get-Help Get-Credential.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-DecryptionCertificateThumbprint <String>
Specifies the value of the thumbprint of the certificate that Active Directory Federation Services (AD FS) uses for token decryption. If you specify this parameter, AD FS disables automatic certificate rollover, and you must specify a token signing certificate by specifying the SigningCertificateThumbprint parameter. This value must match the thumbprint of a valid certificate in the certificate store of the local computer.
Required? true
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-FederationServiceDisplayName <String>
Specifies the display name of the Federation Service. The name of the Federation Service appears by default in sign-in pages.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-FederationServiceName <String>
Specifies the Domain Name System (DNS) name of the Federation Service. This value must match the subject name of the certificate that you configure on the SSL binding in IIS.
Required? true
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-GroupServiceAccountIdentifier <String>
Specifies the name of the group Managed Service Account that the AD FS service uses as the logon identity for the AD FS Windows service.
Required? true
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-OverwriteConfiguration <SwitchParameter>
Indicates that the AD FS service removes an existing AD FS configuration database and overwrites it with a new database.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-ServiceAccountCredential <PSCredential>
Specifies a PSCredential object based on a user name and password for the service account in Active Directory® Domain Services under which the AD FS service runs. To obtain a PSCredential object, use the Get-Credential cmdlet. For more information, type Get-Help Get-Credential.
Required? true
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-SigningCertificateThumbprint <String>
Specifies the value of the thumbprint of the certificate that the AD FS service uses for token signing. If you specify this parameter, AD FS disables automatic certificate rollover, and you must also specify a token decryption certificate by using the DecryptionCertificateThumbprint parameter. This value must match the thumbprint of a valid certificate in the certificate store of the local computer.
Required? true
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-SQLConnectionString <String>
Specifies the Microsoft SQL Server database that stores the AD FS configuration settings. If you do not specify this parameter, the AD FS installer uses the Windows Internal Database to store configuration settings.
Required? true
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-SSLPort <Int32>
Specifies the value of the port number of the SSL binding that the AD FS website uses.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-TlsClientPort <Int32>
Specifies the port number that the AD FS service uses for Transport Layer Security (TLS) authentication for the user certificate client. The default value is 49443.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? falseSyntax
Test-AdfsFarmInstallation [-CertificateThumbprint <String>] [-Credential <PSCredential>] -FederationServiceName <String> [-FederationServiceDisplayName <String>] -ServiceAccountCredential <PSCredential> [-OverwriteConfiguration] [-SSLPort <Int32>] [-TlsClientPort <Int32>] [-AdminConfiguration <Hashtable>] [<CommonParameters>]
Test- AdfsFarmInstallation [-CertificateThumbprint <String>] [-Credential <PSCredential>] -DecryptionCertificateThumbprint <String> -FederationServiceName <String> [-FederationServiceDisplayName <String>] -ServiceAccountCredential <PSCredential> -SigningCertificateThumbprint <String> [-OverwriteConfiguration] [-SSLPort <Int32>] [-TlsClientPort <Int32>] [-AdminConfiguration <Hashtable>] [<CommonParameters>]
Test- AdfsFarmInstallation [-CertificateThumbprint <String>] [-Credential <PSCredential>] -DecryptionCertificateThumbprint <String> -FederationServiceName <String> [-FederationServiceDisplayName <String>] -ServiceAccountCredential <PSCredential> -SigningCertificateThumbprint <String> -SQLConnectionString <String> [-OverwriteConfiguration] [-SSLPort <Int32>] [-TlsClientPort <Int32>] [-AdminConfiguration <Hashtable>] [<CommonParameters>]
Test- AdfsFarmInstallation [-CertificateThumbprint <String>] [-Credential <PSCredential>] -DecryptionCertificateThumbprint <String> -FederationServiceName <String> [-FederationServiceDisplayName <String>] -GroupServiceAccountIdentifier <String> -SigningCertificateThumbprint <String> [-OverwriteConfiguration] [-SSLPort <Int32>] [-TlsClientPort <Int32>] [-AdminConfiguration <Hashtable>] [<CommonParameters>]
Test-AdfsFarmInstallation [-CertificateThumbprint <String>] [-Credential <PSCredential>] -DecryptionCertificateThumbprint <String> -FederationServiceName <String> [-FederationServiceDisplayName <String>] -GroupServiceAccountIdentifier <String> -SigningCertificateThumbprint <String> -SQLConnectionString <String> [-OverwriteConfiguration] [-SSLPort <Int32>] [-TlsClientPort <Int32>] [-AdminConfiguration <Hashtable>] [<CommonParameters>]
Test-AdfsFarmInstallation [-CertificateThumbprint <String>] [-Credential <PSCredential>] -FederationServiceName <String> [-FederationServiceDisplayName <String>] -ServiceAccountCredential <PSCredential> -SQLConnectionString <String> [-OverwriteConfiguration] [-SSLPort <Int32>] [-TlsClientPort <Int32>] [-AdminConfiguration <Hashtable>] [<CommonParameters>]
Test-AdfsFarmInstallation [-CertificateThumbprint <String>] [-Credential <PSCredential>] -FederationServiceName <String> [-FederationServiceDisplayName <String>] -GroupServiceAccountIdentifier <String> [-OverwriteConfiguration] [-SSLPort <Int32>] [-TlsClientPort <Int32>] [-AdminConfiguration <Hashtable>] [<CommonParameters>]
Test-AdfsFarmInstallation [-CertificateThumbprint <String>] [-Credential <PSCredential>] -FederationServiceName <String> [-FederationServiceDisplayName <String>] -GroupServiceAccountIdentifier <String> -SQLConnectionString <String> [-OverwriteConfiguration] [-SSLPort <Int32>] [-TlsClientPort <Int32>] [-AdminConfiguration <Hashtable>] [<CommonParameters>]
———————Example 1———————
Test the creation of a node in a federation server farm
PS C:> $Cred = Get-Credential
PS C:> Test-AdfsFarmInstallation -CertificateThumbprint 923s32454ec6e77eb2ae17f028fe5da2o9df2e2b -FederationServiceName “FS.Delhi.TOSSolution.com” -ServiceAccountCredential $Cred
The first command uses the Get-Credential cmdlet to create a credential object for the Active Directory account under which the AD FS service runs. The command stores the credential object in the $Cred variable.
The second command tests the creation the first node in a federation server farm that uses the Windows Internal Database on the local server computer. The command specifies a thumbprint of the certificate. AD FS uses this certificate as the SSL certificate and the service communications certificate. The command uses automatically generated, self-signed certificates for the token signing and token decryption certificates. The command specifies the credentials stored in $Cred for the Active Directory account under which the AD FS service runs.
You can check the Version, CommandType and Source of this cmdlet by giving below command.
Get-Command Test-AdfsFarmInstallation
You can also read about
- Get-Credential
- Install-AdfsFarm
- Test-AdfsFarmJoin
