Be sure to run through these useful cmdlets for the management of Active Directory Federation Services. Remember, don’t go crazy with memorization here on cmdlets. Just remember the verb-noun syntax and review the list to see what is possible. Once again – don’t miss the READ MORE button in the blog post to see the complete list:
- Add-AdfsAttributeStore
Adds an attribute store to the Federation Service. - Add-AdfsCertificate
Adds a new certificate to AD FS for signing, decrypting, or securing communications. - Add-AdfsClaimDescription
Adds a claim description to the Federation Service. - Add-AdfsClaimsProviderTrust
Adds a new claims provider trust to the Federation Service. - Add-AdfsClaimsProviderTrustsGroup
Creates a claims provider trust group based on metadata that contains multiple entities. - Add-AdfsClient
Registers an OAuth 2.0 client with AD FS. - Add-AdfsDeviceRegistrationUpnSuffix
Adds a custom UPN suffix. - Add-AdfsFarmNode
Adds this computer to an existing federation server farm. - Add-AdfsLocalClaimsProviderTrust
Creates a local claims provider trust. - Add-AdfsNativeClientApplication
Adds a native client application role to an application in AD FS. - Add-AdfsNonClaimsAwareRelyingPartyTrust
Adds a relying party trust that represents a non-claims-aware web application or service to the Federation Service. - Add-AdfsRelyingPartyTrust
Adds a new relying party trust to the Federation Service. - Add-AdfsRelyingPartyTrustsGroup
Creates a relying party trusts group. - Add-AdfsScopeDescription
Adds a scope description in AD FS. - Add-AdfsServerApplication
Adds a server application role to an application in AD FS. - Add-AdfsTrustedFederationPartner
Adds configuration settings for trusted federation partners in AD FS. - Add-AdfsWebApiApplication
Adds a Web API application role to an application in AD FS. - Add-AdfsWebApplicationProxyRelyingPartyTrust
Adds a relying party trust for the Web Application Proxy. - Disable-AdfsApplicationGroup
Disables an application group.
- Disable-AdfsCertificateAuthority
Disables a certificate authority. - Disable-AdfsClaimsProviderTrust
Disables a claims provider trust in the Federation Service. - Disable-AdfsClient
Disables an OAuth 2.0 client that is currently registered with AD FS. - Disable-AdfsDeviceRegistration
Marks the Device Registration Service as disabled on an AD FS server. - Disable-AdfsEndpoint
Disables an endpoint of AD FS. - Disable-AdfsLocalClaimsProviderTrust
Disables a local claims provider trust. - Disable-AdfsNonClaimsAwareRelyingPartyTrust
Disables a relying party trust for a non-claims-aware web application or service from the Federation Service. - Disable-AdfsRelyingPartyTrust
Disables a relying party trust of the Federation Service. - Disable-AdfsWebApplicationProxyRelyingPartyTrust
Disables the relying party trust for the Web Application Proxy. - Enable-AdfsApplicationGroup
Enables an application group in AD FS. - Enable-AdfsClaimsProviderTrust
Enables a claims provider trust in the Federation Service. - Enable-AdfsClient
Enables the use of an OAuth 2.0 client registration by AD FS. - Enable-AdfsDeviceRegistration
This cmdlet has been deprecated. - Enable-AdfsEndpoint
Enables an endpoint in AD FS. - Enable-AdfsLocalClaimsProviderTrust
Enables a local claims provider trust. - Enable-AdfsNonClaimsAwareRelyingPartyTrust
Enables a relying party trust for a non-claims-aware web application or service from the Federation Service.
Enable-AdfsRelyingPartyTrust
Enables a relying party trust of the Federation Service. - Enable-AdfsWebApplicationProxyRelyingPartyTrust
Enables the relying party trust object for the Web Application Proxy. - Export-AdfsAuthenticationProviderConfigurationData
Returns a file containing the tenant ID for which the AD FS farm is configured for Azure MFA, as well as the well-known client ID for Azure MFA. - Export-AdfsDeploymentSQLScript
Generates SQL scripts to create the AD FS database and to grant permissions. - Export-AdfsWebContent
Exports properties of all web content objects in a specific locale to a specified file. - Export-AdfsWebTheme
Exports a web theme to a folder. - Get-AdfsAccessControlPolicy
Gets an AD FS access control policy. - Get-AdfsAdditionalAuthenticationRule
Retrieves the global rules that trigger additional authentication providers to be invoked. - Get-AdfsApplicationGroup
Gets an application group. - Get-AdfsApplicationPermission
Gets permission for an application. - Get-AdfsAttributeStore
Gets the attribute stores of the Federation Service. - Get-AdfsAuthenticationProvider
Gets a list of all authentication providers in AD FS. - Get-AdfsAuthenticationProviderWebContent
Retrieves web content objects for authentication providers. - Get-AdfsAzureMfaConfigured
Gets whether Azure MFA is enabled. - Get-AdfsCertificate
Retrieves the certificates from AD FS. - Get-AdfsCertificateAuthority
Gets a certificate authority. - Get-AdfsClaimDescription
Gets claim descriptions from the Federation Service. - Get-AdfsClaimsProviderTrust
Gets the claims provider trusts in the Federation Service. - Get-AdfsClaimsProviderTrustsGroup
Gets an AD FS claims provider trust group. - Get-AdfsClient
Retrieves registration information for an OAuth 2.0 client. - Get-AdfsDeviceRegistration
Gets the administrative polices of the Device Registration Service. - Get-AdfsDeviceRegistrationUpnSuffix
Gets the UPN suffixes that can be used with device registration. - Get-AdfsEndpoint
Retrieves an endpoint in AD FS. - Get-AdfsFarmInformation
Gets AD FS behavior level and farm node information. - Get-AdfsGlobalAuthenticationPolicy
Displays the AD FS global policy. - Get-AdfsGlobalWebContent
Gets global web content objects. - Get-AdfsLocalClaimsProviderTrust
Gets local claims provider trusts. - Get-AdfsNativeClientApplication
Gets native client application roles from an application in AD FS. - Get-AdfsNonClaimsAwareRelyingPartyTrust
Gets the properties of a relying party trust for a non-claims-aware web application or service. - Get-AdfsProperties
Gets all the associated properties for the AD FS service. - Get-AdfsRegistrationHosts
The Get-AdfsRegistrationHosts cmdlet is deprecated. - Get-AdfsRelyingPartyTrust
Gets the relying party trusts of the Federation Service. - Get-AdfsRelyingPartyTrustsGroup
Gets a relying party trust group. - Get-AdfsRelyingPartyWebContent
Gets web content objects for relying parties. - Get-AdfsRelyingPartyWebTheme
Gets properties of web themes applied to relying party trusts. - Get-AdfsScopeDescription
Gets a description for a scope in AD FS. - Get-AdfsServerApplication
Gets configuration settings for a server application role for an application in AD FS. - Get-AdfsSslCertificate
Gets the host name, port, and certificate hash for SSL bindings configured for AD FS and the device registration service. - Get-AdfsSyncProperties
Gets synchronization properties the configuration database of AD FS. - Get-AdfsTrustedFederationPartner
Gets a trusted federation partner in AD FS. - Get-AdfsWebApiApplication
Gets Web API application roles in AD FS. - Get-AdfsWebApplicationProxyRelyingPartyTrust
Gets the relying party trust object for the Web Application Proxy. - Get-AdfsWebConfig
Gets AD FS web customization configuration settings. - Get-AdfsWebTheme
Gets web themes. - Grant-AdfsApplicationPermission
Grants application permission. - Import-AdfsAuthenticationProviderConfigurationData
Imports the custom configuration for an authentication provider. - Import-AdfsWebContent
Imports properties from a resource file into global and relying party web content objects. - Initialize-ADDeviceRegistration
Initializes the Device Registration Service configuration in the Active Directory forest. - Install-AdfsFarm
Creates the first node of a new federation server farm. - Invoke-AdfsFarmBehaviorLevelRaise
Raises the behavior level of a farm. - New-AdfsAccessControlPolicy
Creates an AD FS access control policy. - New-AdfsApplicationGroup
Creates an application group. - New-AdfsAzureMfaTenantCertificate
Creates a certificate for the AD FS farm to use to connect to Azure MFA, or returns the currently configured certificate. - New-AdfsClaimRuleSet
Creates a set of claim rules. - New-AdfsContactPerson
Creates a contact person object. - New-AdfsLdapAttributeToClaimMapping
Creates a mapping between an attribute of an LDAP folder and an AD FS claim type. - New-AdfsLdapServerConnection
Creates a connection object. - New-AdfsOrganization
Creates a new organization information object. - New-AdfsSamlEndpoint
Creates a SAML protocol endpoint object. - New-AdfsWebTheme
Creates an AD FS web theme. - Publish-SslCertificate
The Publish-SslCertificate cmdlet is deprecated. - Register-AdfsAuthenticationProvider
Registers an external authentication provider in AD FS. - Remove-AdfsAccessControlPolicy
Removes an AD FS access control policy. - Remove-AdfsApplicationGroup
Removes an application group. - Remove-AdfsAttributeStore
Removes an attribute store from the Federation Service. - Remove-AdfsAuthenticationProviderWebContent
Removes web content customization of the authentication provider in the user sign-in web pages from AD FS. - Remove-AdfsCertificate
Removes a certificate from AD FS. - Remove-AdfsClaimDescription
Removes a claim description from the Federation Service. - Remove-AdfsClaimsProviderTrust
Removes a claims provider trust from the Federation Service. - Remove-AdfsClaimsProviderTrustsGroup
Removes an AD FS claims provider trust group. - Remove-AdfsClient
Deletes registration information for an OAuth 2.0 client that is currently registered with AD FS. - Remove-AdfsDeviceRegistrationUpnSuffix
Removes a custom UPN suffix. - Remove-AdfsFarmNode
The Remove-AdfsFarmNode cmdlet is deprecated. - Remove-AdfsGlobalWebContent
Removes a global web content object. - Remove-AdfsLocalClaimsProviderTrust
Removes a local claims provider trust. - Remove-AdfsNativeClientApplication
Removes a native client application role from an application in AD FS. - Remove-AdfsNonClaimsAwareRelyingPartyTrust
Removes a relying party trust for a non-claims-aware web application or service from the Federation Service. - Remove-AdfsRelyingPartyTrust
Removes a relying party trust from the Federation Service. - Remove-AdfsRelyingPartyTrustsGroup
Removes a relying party trusts group.
Remove-AdfsRelyingPartyWebContent
Removes a relying party web content object. - Remove-AdfsRelyingPartyWebTheme
Removes a web theme to a relying party. - Remove-AdfsScopeDescription
Removes a scope description in AD FS. - Remove-AdfsServerApplication
Removes a server application role from an application in AD FS. - Remove-AdfsTrustedFederationPartner
Removes a trusted federation partner in AD FS. - Remove-AdfsWebApiApplication
Removes a Web API application role from an application in AD FS. - Remove-AdfsWebApplicationProxyRelyingPartyTrust
Removes the relying party trust object for the Web Application Proxy. - Remove-AdfsWebTheme
Removes a web theme. - Restore-AdfsFarmBehaviorLevel
Restores the farm to a previous behavior level. - Revoke-AdfsApplicationPermission
Revokes permission for an application. - Revoke-AdfsProxyTrust
Revokes trust for all federation server proxies configured for the Federation Service. - Set-AdfsAccessControlPolicy
Modifies an AD FS access control policy. - Set-AdfsAdditionalAuthenticationRule
Sets the global rules that provide the trigger for additional authentication providers to be invoked. - Set-AdfsAlternateTlsClientBinding
Configures an existing AD FS deployment to use the same port for both device certificate and client certificate authentication. - Set-AdfsApplicationGroup
Modifies an application group. - Set-AdfsApplicationPermission
Modifies application permissions. - Set-AdfsAttributeStore
Modifies properties of an attribute store. - Set-AdfsAuthenticationProviderWebContent
Modifies a display name and description. - Set-AdfsAzureMfaTenant
Enables an AD FS farm to use MFA. - Set-AdfsCertSharingContainer
Sets the account that is used for sharing managed certificates in a federation server farm. - Set-AdfsCertificate
Sets the properties of an existing certificate that AD FS uses to sign, decrypt, or secure communications. - Set-AdfsCertificateAuthority
Modifies a certificate authority. - Set-AdfsClaimDescription
Modifies the properties of a claim description. - Set-AdfsClaimsProviderTrust
Sets the properties of a claims provider trust. - Set-AdfsClient
Modifies registration settings for an OAuth 2.0 client registered with AD FS. - Set-AdfsDeviceRegistration
Configures the administrative policies for the Device Registration Service. - Set-AdfsDeviceRegistrationUpnSuffix
Sets the list of UPN suffixes. - Set-AdfsEndpoint
Sets the endpoint on a Web Application Proxy. - Set-AdfsFarmInformation
Removes a stale or offline farm node from the farm information table. - Set-AdfsGlobalAuthenticationPolicy
Modifies the AD FS global policy. - Set-AdfsGlobalWebContent
Sets properties for global web content objects. - Set-AdfsLocalClaimsProviderTrust
Modifies a local claims provider trust. - Set-AdfsNativeClientApplication
Modifies configuration settings for a server native client application role of an application in AD FS. - Set-AdfsNonClaimsAwareRelyingPartyTrust
Sets the properties of a relying party trust for a non-claims-aware web application or service. - Set-AdfsProperties
Sets the properties that control global behaviors in AD FS. - Set-AdfsRegistrationHosts
The Set-AdfsRegistrationHosts cmdlet is deprecated. - Set-AdfsRelyingPartyTrust
Sets the properties of a relying party trust. - Set-AdfsRelyingPartyWebContent
Sets properties for the relying party web content objects. - Set-AdfsRelyingPartyWebTheme
Applies a web theme to a relying party. - Set-AdfsScopeDescription
Modifies a scope description in AD FS. - Set-AdfsServerApplication
Modifies configuration settings for a server application role of an application in AD FS. - Set-AdfsSslCertificate
Sets an SSL certificate for HTTPS bindings for AD FS. - Set-AdfsSyncProperties
Modifies the frequency of synchronization for the AD FS configuration database and which server is primary in the farm. - Set-AdfsTrustedFederationPartner
Modifies configuration settings for trusted federation partners in AD FS. - Set-AdfsWebApiApplication
Modifies configuration settings for a Web API application in AD FS. - Set-AdfsWebApplicationProxyRelyingPartyTrust
Modifies properties of the relying party trust object for the Web Application Proxy. - Set-AdfsWebConfig
Modifies web customization configuration settings. - Set-AdfsWebTheme
Modifies properties of a web theme. - Test-AdfsFarmBehaviorLevelRaise
Tests whether you can raise the behavior level of a farm. - Test-AdfsFarmBehaviorLevelRestore
Tests whether you can restore an AD FS farm to a previous behavior level. - Test-AdfsFarmInstallation
Runs prerequisite checks for installing a new federation server farm. - Test-AdfsFarmJoin
Runs prerequisite checks for adding the server computer to a federation server farm. - Unregister-AdfsAuthenticationProvider
Deletes an external authentication provider from AD FS. - Update-AdfsCertificate
Updates the certificates of AD FS. - Update-AdfsClaimsProviderTrust
Updates the claims provider trust from federation metadata. - Update-AdfsRelyingPartyTrust
Updates the relying party trust from federation metadata.