ADFS Resource Partner Account Partner Setup

Question
Good Afternoon,
We have two Domains, A and B. A is the Account Partner and B is the Resource Partner (with SharePoint Web portal).
Domain B exists in Domain A's Relying Party Trust
Domain A exists in Domain B's Claims Provider Trust
However, the above have been created without any claims setup between them. (Right click edit claim rule - Acceptance Transform Rules)
The SharePoint site on Domain B has been set up in a relying party trust, with the required claims for SharePoint. (Call it Claim SP)
My question is: would the trusts between the domains need to have Claim SP set up between them for the site to function (i.e. allow Domain A users to access SharePoint on Domain B)?
Thank you for your assistance,
Answers
Here is a general overview of what you need to do. You want to provide Domain A user access to SharePoint in Domain B from what I read. From the ADFS side:
Domain A set up as a claim provider on Domain B's federation server
Domain B set up as a relying party on Domain A's federation server
SharePoint set up as a relying party on Domain B's federation server
From the SharePoint side:
Domain B's federation server set up as a trusted identity provider on the desired web application.
For the claims, you'll need to pass through from Domain A's federation server, to Domain B's federation server (the one SharePoint trusts), then to SharePoint. Here is a guide that is pretty good at explaining how to do that:
- Marked as answer by Nsaneone Friday, October 25, 2013 8:30 AM
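
The pass-through chain described in the answer above, sketched as an added example (not part of the original post or of the guide it refers to). It assumes SharePoint's required claim is E-Mail Address, that the trusts are named 'Domain A', 'Domain B' and 'SharePoint', and that Domain A's mail suffix is domaina.example; all of these are placeholders.

```powershell
# Added example; trust names and the mail suffix are placeholders (assumptions).
# AD FS 2.0: Add-PSSnapin Microsoft.Adfs.PowerShell   |   Server 2012+: Import-Module ADFS

# --- On Domain A's federation server (account partner) ---
# Issuance rule on the relying party trust for Domain B: look up mail in AD.
$issueFromAd = @'
@RuleName = "Send mail as E-Mail Address"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory",
          types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"),
          query = ";mail;{0}", param = c.Value);
'@
Set-AdfsRelyingPartyTrust -TargetName 'Domain B' -IssuanceTransformRules $issueFromAd

# --- On Domain B's federation server (resource partner) ---
# Acceptance rule on the claims provider trust for Domain A: pass the claim
# through only when the value is in Domain A's own mail suffix, so the partner
# cannot assert addresses belonging to other domains.
$acceptFromA = @'
@RuleName = "Pass through Domain A E-Mail Address"
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
   Value =~ "(?i)^[^@]+@domaina\.example$"]
 => issue(claim = c);
'@
Set-AdfsClaimsProviderTrust -TargetName 'Domain A' -AcceptanceTransformRules $acceptFromA

# Issuance rule on the SharePoint relying party trust: pass the accepted claim on.
# The Set- cmdlet replaces the whole rule set, so append to the existing rules.
$toSharePoint = @'
@RuleName = "Pass through E-Mail Address to SharePoint"
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"]
 => issue(claim = c);
'@
$sp = Get-AdfsRelyingPartyTrust -Name 'SharePoint'
Set-AdfsRelyingPartyTrust -TargetName 'SharePoint' `
    -IssuanceTransformRules ($sp.IssuanceTransformRules + "`n" + $toSharePoint)

# Review what is now configured at each hop.
(Get-AdfsClaimsProviderTrust -Name 'Domain A').AcceptanceTransformRules
(Get-AdfsRelyingPartyTrust -Name 'SharePoint').IssuanceTransformRules
```

The first section runs on Domain A's federation server and the other two on Domain B's; the claim type must match the identifier claim configured for the trusted identity provider in SharePoint.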
All replies
Yes.
Please follow the link below.
Regards,
- Proposed as answer by Jayant Prabhakar Thursday, October 24, 2013 10:34 AM
Thank you, Jayant. The page was very helpful, although it doesn't mention how to configure claims between Resource Partner and Account Partner. I will set up both Domain A and B with the same claim to see if this allows Domain A users to access the Domain B resource.
Kind regards,