SharePoint Authentication and Authorization

Report
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
Check In Counter
©2012 Microsoft Corporation. All rights reserved.
Boarding Gate
Identity
Authentication
Authorisation
Claim
Security Token
Security Token Service (STS)
Identity Provider STS (IP-STS)
Relying Party
Relying Party STS (RP-STS)
©2012 Microsoft Corporation. All rights reserved.
Boarding Gate
Identity: security principal (end user)
©2012 Microsoft Corporation. All rights reserved.
Boarding Gate
Relying Party: application that
makes authorisation decisions based
on claims
©2012 Microsoft Corporation. All rights reserved.
Boarding Gate
Claim: statement about an identity
“I am Wayne Ewington”
“My seat is 1a” 
©2012 Microsoft Corporation. All rights reserved.
Check In Counter
Boarding Gate
Identity Provider STS (IP-STS):
authenticates and issues tokens
©2012 Microsoft Corporation. All rights reserved.
Name
Seat Number
Frequent Flyer
Check In Counter
Boarding Gate
Security Token: set of claims that
are digitally signed by an issuing
authority
©2012 Microsoft Corporation. All rights reserved.
Check In Counter
©2012 Microsoft Corporation. All rights reserved.
Boarding Gate
Identity
Authentication
Authorisation
Claim
Security Token
Security Token Service (STS)
Identity Provider STS (IP-STS)
Relying Party
Relying Party STS (RP-STS)
©2012 Microsoft Corporation. All rights reserved.
Security
Check
Token
In Counter
Service
©2012 Microsoft Corporation. All rights reserved.
Boarding
Gate
SharePoint
Server
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
NOT
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
$wa = Get-SPWebApplication http://yourWebAppUrl
$arguments = New-Object Microsoft.SharePoint.Administration.SPWebApplication+SPMigrateUserParameters
$arguments.AddDatabaseToMigrate($wa.ContentDatabases[contentDbNumberYouWantToMigrate])
$wa.MigrateUsersToClaims("domain\user", $true, $arguments)
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
approve an
application to act on their behalf
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.
©2012 Microsoft Corporation. All rights reserved.

similar documents