This CSE configures an ADFS Farm
param (
    # Domain and account names used to build the credentials below
    [string]$DomainName,
    [string]$DomainAdminUsername,
    [string]$AdfsSvcUsername
)
# The domain admin and ADFS service passwords are encrypted and stored in a local folder
$localpath = "C:\Program Files\WindowsPowerShell\Modules\Certificates\"
$Key = (3,4,2,3,56,34,254,222,1,1,2,23,42,54,33,233,1,34,2,7,6,5,35,43)
# Let's get the passwords and decrypt them
# Get the admin and ADFS passwords first
$adminpassword = ConvertTo-SecureString -String (Get-Content -Path $($localpath+"adminpass.key")) -Key $Key
$adfspassword = ConvertTo-SecureString -String (Get-Content -Path $($localpath+"adfspass.key")) -Key $Key
$DomainAdminCreds = New-Object System.Management.Automation.PSCredential($($DomainName+"\"+$DomainAdminUsername), $adminpassword)
$AdfsSvcCreds = New-Object System.Management.Automation.PSCredential($($DomainName+"\"+$AdfsSvcUsername), $adfspassword)
# Install the certificate that will be used for the ADFS service
Import-PfxCertificate -Exportable -Password $adminpassword -CertStoreLocation cert:\localmachine\my -FilePath $($localpath+"adfs_certificate.pfx")
# Get the thumbprint of the certificate
$cert = Get-ChildItem -Path Cert:\LocalMachine\my | ?{$_.Subject -eq ", OU=Free SSL, OU=Domain Control Validated"}
# Configure the ADFS farm
Import-Module ADFS
Install-AdfsFarm -CertificateThumbprint $cert.thumbprint -Credential $DomainAdminCreds `
-FederationServiceName -FederationServiceDisplayName "Active Directory Federation Service" `
-ServiceAccountCredential $AdfsSvcCreds -OverwriteConfiguration
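
The script above finds the ADFS certificate by searching the store for a subject string, so `$cert.thumbprint` is empty or a list whenever that search matches nothing or more than one certificate. As an added example (not part of the original gist), the function below takes the certificate from the output of `Import-PfxCertificate` instead and checks it before the thumbprint is used; the function name and its parameters are hypothetical, and `-Exportable` is left out so the private key is not marked exportable.

```powershell
# Added example, not from the original gist. Get-AdfsServiceCertificate and its
# parameters are hypothetical names chosen for this illustration.
function Get-AdfsServiceCertificate {
    param (
        [Parameter(Mandatory = $true)] [string] $PfxPath,
        [Parameter(Mandatory = $true)] [securestring] $PfxPassword
    )

    if (-not (Test-Path -LiteralPath $PfxPath -PathType Leaf)) {
        throw "PFX file not found: $PfxPath"
    }

    # Import-PfxCertificate writes the imported certificate objects to the
    # pipeline, so the thumbprint can be taken from them directly.
    # -Exportable is left out: the private key is then not marked exportable.
    $imported = @(Import-PfxCertificate -FilePath $PfxPath -Password $PfxPassword `
            -CertStoreLocation Cert:\LocalMachine\My)

    # Keep only certificates that came with a private key.
    $candidates = @($imported | Where-Object { $_.HasPrivateKey })
    if ($candidates.Count -ne 1) {
        throw "Expected exactly one certificate with a private key, found $($candidates.Count)."
    }
    $cert = $candidates[0]

    # Refuse a certificate that is not yet valid or has already expired.
    $now = Get-Date
    if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
        throw "Certificate $($cert.Thumbprint) is valid only from $($cert.NotBefore) to $($cert.NotAfter)."
    }

    return $cert
}

# Usage (assumes the gist's $localpath and $adminpassword variables):
# $cert = Get-AdfsServiceCertificate -PfxPath ($localpath + "adfs_certificate.pfx") -PfxPassword $adminpassword
# $cert.Thumbprint is then a single, non-null value for Install-AdfsFarm -CertificateThumbprint.
```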