.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Need of ADFS when you have Windows Claims

Posted By:      Posted Date: October 24, 2010    Points: 0   Category :SharePoint

Scenario is : All users - Intranet/Extranet/Partners will be in Active Directory only . There are no FBA requirements / Live ID etc etc . We plan to build a Intranet Portal , My Sites, Employees Collaboration Sites on a Single Sharepoint Farm . We  are Planning to go wth Claims as Authentication with Microsoft Recommendation though classic is sufficient for our current requirements as stated above .

Question is : a) Do i need ADFS2.0 ? Why will i need it ?

As per my knowledge , with all users in AD , i can use Sharepoint STS as Identity Provider STS in my case .... But i still with all my understanding using Sharepoint STS as Identity Provider is not a good idea though you have all users in AD .. i am guesing reason may be STS Administration ...
Please share some of your good ideas which help me understand and make my guys understand Need of ADFS for us .


Vipin Kumar Tanwar ( Technology Architect )

View Complete Post

More Related Resource Links

Claims to windows token service wont start in Central administration

Not sure if this is a bug or some setting I just dont understand but I cannot get the claims to windows token service from manage services to show as started. When I click start I get this error in the event viewer: An attempt to start/stop instance of service Claims to Windows Token Service on server <SERVERNAME> did not succeed. Re-run the action via UI or command line on the specified server. Additional information is below. c2wts (DOMAIN\sp_farm) I have searched and searched for an answer. This thread http://social.technet.microsoft.com/Forums/en-US/sharepoint2010setup/thread/6b865ead-970b-4460-9dcf-1cc6d6d8530b talks about needing a connection to the internet, but my server is connected to the internet so i think i can rule that out. Also I have read that c2wts depends on the crypto service. I have run this command with no success: sc config c2wts depend= cryptsvc I can start the c2wts service through services.msc and it is succesful. But central administration still shows it is stopped. I have also re-run the installer in repair mode, and re-run the initial configuration wizard, maintaining all of the same settings as the previous installation. That didn't help. Basically, I'm out of ideas and I cant find much about this on the web. Any ideas?

Claims Based Authentication with ADFS 2.0


I have setup the claims based environment with ADFS 2.0, everything is working fine but when i select my claims in the people picker its not validating weather the claim exists or not. its showing what ever i enter, as a result in the people picker page. I want to check if the claim exists then only the claim should be shown as a result and resolved.

can anyone guide me how to start and where to make modifications. So that i can pick claims only which i have created or existing.

Problem with Sharepoint 2010 - Claims Auth - Windows Auth and FBA. consistent redirects back to "cho


We have sharepoint 2010 foundation site that we can successfully login with via IE, Firefox, Chrome both on the domain and externally with Claims Authentication with only Windows Auth type selected (NTLM).

Once we add FBA and use the default signin page, we can still login (we select Windows Auth from the dropdown) BUT it only works on the domain. When we try to access externally, the only browser that works is FireFox. Both Chrome and IE just constantly redirect back to the Choose Authentication dropdown screen.

We have tried for the last 2 days to sort this out. Has anyone else experience this? It looks like the default sign in page somehow doesn't set the cookie for IE and Chrome and just bounces us back to the sign in page...

Thanks for any info...

To clarify, we are not even using the FBA yet. We are trying to login only with the windows auth and domain accounts...

Windows Identity Foundation (Claims Based Authentication) for Reporting Services



I see that SQL Server 2008 R2 Reporting Services now supports Claims Based Authentication in Sharepoint 2010, meaning that end users can authenticate with Sharepoint using Claims Based Authentication, and use the same security tokens to connect through to Reporting Services.

I assume that behind the scenes Sharepoint is using Windows Identity Foundation (WIF - formerly codenamed "Geneva") to handle the authentication, and passing this on to Reporting Services.

I'm keen to use Windows Identity Foundation to authenticate with Reporting Services without Sharepoint. We have an existing ASP.NET web application, and we'd like to call Reporting Services from that, passing on the Windows Identity Foundation credentials of the user logged into our web application.

I've done some work on setting up a custom security extension using Forms Authentication (based on the sample), but am not sure how to proceed from there.

Google/Bing hasn't been helpful. Can you please point me to some guidance on how to set up Windows Identity Foundation authentication for Reporting Services?<

Cusom Role + task provider that wotk with windows and claims identties


I have created a custom principal that is populated with roles from a custom role store (SQL database). I also use a custom SQL Role provider.

I need to implement tasks that are related to a role. These tasks should have a business rule attached to it. For example user's that belong to the Approver role and the batch approval task should only be allowed to approve for amount greater than 1000 and customer x.

I know Azman provides this functionality or NetSQAzman but I can't use it due to my custom authorization should work with both windows and claims identities.

Any ideas? 

Thank you


migrate from windows to forms in claims based authentication


Hi friends,

               I am using sharepoint2010 forms based authenticaion (claims based) configure all the web.config files and its working fine.Now I want to change this applicaion to windows authentication (claims) what are the things to follow to change the application to windows and vice versa.I refer few links but they are referring from  classic to claims and many other things not my req..!



Using the "Claims to Windows Token Service" to assist with single sign on



Does anyone know if it's possible to use the c2WTS service to achieve single-sign-on within SharePoint 2010, without turning it into a Claims-based application? My situation is that I'd like to use ADFSv2 (and/or Shibboleth) for user authentication, but instead of returning a SAML token back to SharePoint, I'd like to use c2WTS to transform that claim into a Kerberos ticket and pass that back to a SharePoint web app that's using classic Windows authentication. For this web application, we're not interested in federation - just looking to eliminate the Windows Integrated Authentication. All users will have a valid account (and thus UPN) in the domain. Our current environment is WSS 3.0 and we've mostly used AD groups for authorization. This makes it diffiuclt to simply migrate these sites to use claims in SharePoint 2010. Any feedback would be appreciated.

-joe c

Do I really need the 'Claims to Windows Token Service'

SharePoint 2010 complains when this service is not available, however if my web applications aren't using CBA, is this really necessary?
Conrad Goodman MCITP SA / MCTS: WSS3.0 + MOSS2007

Windows Service Applications Tutorials

You can easily create services by creating an application that is installed as a service. For example, suppose you want to monitor performance counter data and react to threshold values. You could write a Windows Service application that listens to the performance counter data, deploy the application, and begin collecting and analyzing data.

Serving Silverlight Apps from Windows Mobile

Even if mobile dev is not my every day work, thanks to the .Net Compact Framework, it's still .Net programming.

Here is the scenario:

You come back home, you have a windows mobile phone wifi capable and you want to quickly get access to your phone pictures from your home network.
You just activate the Wifi, run my app and then browse to the provided link from any computer on the network.

Getting Started with Windows SharePoint Services

Of all of the capabilities of SharePoint, I thought I would start with the most basic installation - as a corporate intranet. It is likely that we will need to discuss some of the elements of SharePoint as we go along, so this also gives us the opportunity to review these elements for future reference.

Before going into too much detail, I would like to point out that you can try the core SharePoint framework (known as Windows SharePoint Services or WSS) for free. On Microsoft's Web site you can download a trial version of Virtual PC 2004 (VPC). Using VPC, you can install the Windows 2003 Evaluation Kit and the WSS add-on. This combination will give you 45 days to evaluate the setup.

Building a Searchable Phone Directory with Windows SharePoint Services

I want to continue to build out the intranet site we've started in our previous articles. A standard item in every intranet is a staff/employee list. Most companies implementing Windows SharePoint Services (WSS) are large enough to have a database that contains all employees. We will use the aggregation features of SharePoint to include data from this database into our intranet.

Getting Started with Windows Communication Foundation

Windows Communication Foundation (WCF) provides a unified framework for rapidly building service-oriented applications that makes it easy to build and consume secure, reliable, and transacted Web services. It unifies the capabilities in ASMX, WSE, Remoting, COM+, and MSMQ; therefore developers need to learn only one programming model.

Application Architecture in Windows Forms 2.0

Applications have special support in Windows Forms. For starters, you can manage and tailor your application's lifetime, and, when the work flow is disrupted by an unhandled exception, you can choose from several methods of response. Then, there are several application models that you can employ, including Single Document Interface (SDI) and Multiple Document Interface (MDI) applications, each of which can support either multiple-instance or single-instance mode, the former the VS05 default and the latter requiring special consideration. All applications, however, can discover and use a wide variety of information about the system and environment they execute in.

Application Architecture in Windows Forms 2.0-Single-MDI Applications

Consider an MDI application like Microsoft Excel; files opened from the file system (by double-clicking) are all opened as separate child windows within the parent Excel window.7 For the first instance of an MDI application to open a new child window to display the file that was passed to the second instance of the application, the second instance must be able to communicate with the initial instance.

Windows Presentation Foundation and your architecture

Windows Presentation Foundation (WPF) is a new client user interface technology that ships as part of the .NET 3.0 Framework. Architects have long faced the challenge of selecting an appropriate presentation tier technology for their applications. In recent times, if you are developing for the Windows platform, it was at least a fairly short list. You either built a web application, a smart client, a mobile device, or some combination of those depending on your target audience. Which one you picked gave you a fairly short list of practical options in the .NET space - ASP.NET, Windows Forms, and Compact Framework respectively.

New Features in Windows SharePoint Services 3.0

Windows SharePoint Services 3.0 (WSS 3.0) is the next version of WSS 2.0, released on 2007, and Microsoft Office SharePoint Server 2007 (MOSS 2007) is built on top of this. Windows SharePoint Services 3.0 takes full advantage of Microsoft ASP.NET 2.0 and the core Microsoft .NET 2.0 runtime. WSS 3.0 offers a lot of new features and programmability support. I have consolidated a list of new features and enhancements in the below section:
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend