SPSecurityTokenServiceConfig
Yorick Kuijs edited this page Dec 17, 2021 · 12 revisions
Parameter | Attribute | DataType | Description | Allowed Values |
---|---|---|---|---|
IsSingleInstance | Key | String | Specifies the resource is a single instance; the value must be 'Yes' | Yes |
Name | Required | String | The name of the security token service | |
NameIdentifier | Write | String | The identifier for the security token service | |
UseSessionCookies | Write | Boolean | True sets the security token service to use cookies | |
AllowOAuthOverHttp | Write | Boolean | True sets the security token service to allow OAuth over HTTP | |
AllowMetadataOverHttp | Write | Boolean | True sets the security token service to allow metadata exchange over HTTP | |
FormsTokenLifetime | Write | UInt32 | Timespan in minutes to set FormsTokenLifetime | |
WindowsTokenLifetime | Write | UInt32 | Timespan in minutes to set WindowsTokenLifetime | |
LogonTokenCacheExpirationWindow | Write | UInt32 | Timespan in minutes to set LogonTokenCacheExpirationWindow | |
Ensure | Write | String | Present ensures the configurations are applied | Present, Absent |
Type: Distributed
Requires CredSSP: No
This resource is responsible for configuring the Security Token Service within the local SharePoint farm. Setting Ensure to Absent is not supported: this resource can only apply configuration settings, not ensure that they don't exist.
This resource is also able to set the properties FormsTokenLifetime, WindowsTokenLifetime and LogonTokenCacheExpirationWindow. It checks for values that lead to "The context has expired and can no longer be used." errors. The value for LogonTokenCacheExpirationWindow must be higher than the values for FormsTokenLifetime and WindowsTokenLifetime; the resource returns an error if it is not.
This example configures the Security Token Service:

```powershell
Configuration Example
{
    param
    (
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $SetupAccount
    )

    Import-DscResource -ModuleName SharePointDsc

    node localhost
    {
        SPSecurityTokenServiceConfig SecurityTokenService
        {
            IsSingleInstance      = "Yes"
            Name                  = "SPSecurityTokenService"
            NameIdentifier        = "00000003-0000-0ff1-ce00-000000000000@9f11c5ea-2df9-4950-8dcf-da8cd7aa4eff"
            UseSessionCookies     = $false
            AllowOAuthOverHttp    = $false
            AllowMetadataOverHttp = $false
            PsDscRunAsCredential  = $SetupAccount
        }
    }
}
```
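A drift check for the three Boolean settings pinned to `$false` in the configuration above, as an added example that is not part of SharePointDsc or of the original page. The function name `Test-StsConfigDrift` and the sample object are constructed for illustration; on a farm server the input would come from `Get-SPSecurityTokenServiceConfig`.

```powershell
# Added example, not SharePointDsc code. Test-StsConfigDrift is a hypothetical helper name.
function Test-StsConfigDrift
{
    [CmdletBinding()]
    param
    (
        # Object exposing the STS properties, e.g. the output of Get-SPSecurityTokenServiceConfig
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [PSObject]
        $StsConfig
    )

    process
    {
        # Values taken from the configuration example on this page
        $expected = [ordered]@{
            UseSessionCookies     = $false
            AllowOAuthOverHttp    = $false
            AllowMetadataOverHttp = $false
        }

        foreach ($name in $expected.Keys)
        {
            $property = $StsConfig.PSObject.Properties[$name]

            # A property that cannot be read is reported, never silently treated as compliant
            if ($null -eq $property) { $status = 'Missing'; $actual = $null }
            else
            {
                $actual = $property.Value
                $status = if ($actual -eq $expected[$name]) { 'Compliant' } else { 'Drift' }
            }

            [PSCustomObject]@{
                Setting  = $name
                Expected = $expected[$name]
                Actual   = $actual
                Status   = $status
            }
        }
    }
}

# Constructed sample: OAuth over HTTP was enabled by hand, UseSessionCookies is absent
$sample = [PSCustomObject]@{
    AllowOAuthOverHttp    = $true
    AllowMetadataOverHttp = $false
}
$sample | Test-StsConfigDrift | Format-Table -AutoSize
```

On a SharePoint server, `Get-SPSecurityTokenServiceConfig | Test-StsConfigDrift | Where-Object Status -ne 'Compliant'` lists only the settings that need attention.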