Installation SharePoint 2013 with Web Application Proxy and ADFS – Kerberos

Installation of SharePoint 2013 with Web Application Proxy and ADFS – Kerberos
Had some issues trying to piece together all the parts of the puzzle in order to get Web Application Proxy, ADFS and Kerberos to work together with a SharePoint 2013 Web Application hosting a Business Intelligence site, the linked guide should outline the most relevant points required. The rest should be read from references.

Link to doc:
Installation SharePoint 2013 with Web Application Proxy and ADFS – Kerberos guide (Location on Google Drive)

References
Step 3: Publish Applications using AD FS Preauthentication
http://technet.microsoft.com/en-us/library/dn383640.aspx

SharePoint and the Web Application Proxy Role
http://thesharepointfarm.com/2014/02/sharepoint-and-the-web-application-proxy-role/

Understanding the AD FS 2.0 Proxy
http://blogs.technet.com/b/askds/archive/2012/01/05/understanding-the-ad-fs-2-0-proxy.aspx

Advertisements

One comment

  1. Great post Jesper, just what I needed. All the other guidance was pointing at setting up ADFS with claims in SP2013, which just causes problems when all your users are on the same domain as SP2013…

    Couple of key things that you might want to add to the doc:
    1. Add an Issuance Authorization Rule to the ADFS relying party trust to permit all users (unless you want some kind of restrictions). I haven’t actually tested if it works without this, but I’d like to think that MS have set it to deny by default…
    2. When setting up the WAP publishing, don’t forget the backend SPN is going to be the SP server name SPN (e.g. http/sharepoint.internaldomain.com), except where you’re load balancing, in which case, set it to the load balanced name.

    Thanks heaps! Now I just need to use Azure AD (Access Control Namespaces) to add Facebook/WindowsID/OpenID/GoogleID/etc logins…

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s