Tuesday 11 June 2024

Set up a WS-Federation provider with Microsoft Entra ID

Set up a WS-Federation provider with Microsoft Entra ID | Microsoft Learn

Set up Microsoft Entra in Power Pages

Set Microsoft Entra as an identity provider for your site.

  1. In your Power Pages site, select Set up > Identity providers.

    If no identity providers appear, make sure External login is set to On in your site's general authentication settings.

  2. Select + New provider.

  3. Under Select login provider, select Other.

  4. Under Protocol, select WS-Federation.

  5. Enter a name for the provider; for example, Microsoft Entra ID.

    The provider name is the text on the button that users see when they select their identity provider on the sign-in page.

  6. Select Next.

  7. Under Reply URL, select Copy.

    Don't close your Power Pages browser tab. You'll return to it soon.

Create an app registration in Azure

Create an app registration in the Azure portal with your site's reply URL as the redirect URI.

  1. Sign in to the Azure portal.

  2. Search for and select Azure Active Directory.

  3. Under Manage, select App registrations.

  4. Select New registration.

  5. Enter a name.

  6. Select one of the Supported account types that best reflects your organization requirements.

  7. Under Redirect URI, select Web as the platform, and then enter the reply URL of your site.

    • If you're using your site's default URL, paste the reply URL you copied.
    • If you're using a custom domain name, enter the custom URL. Be sure to use the same custom URL for the assertion service consumer URL in the settings for the identity provider on your site.
  8. Select Register.

  9. Select Endpoints at the top of the page.

  10. Find the Federation metadata document URL and select the copy icon.

  11. In the left side panel, select Expose an API.

  12. To the right of Application ID URI, select Add.

  13. If you're using a custom domain name, enter your site URL. Otherwise, leave the auto-generated URI. You'll need to change the app ID URI in your site settings to match.

    Due to a recent update, the app ID URI must be the auto-generated URI or a verified custom domain name.

  14. Select Save.

  15. In a new browser tab, paste the federation metadata document URL you copied earlier.

  16. Copy the value of the entityID attribute in the document.

Enter site settings in Power Pages

Return to the Power Pages Configure identity provider page you left earlier and enter the following values. Optionally, change the additional settings as needed. Select Confirm when you're finished.

  • Metadata address: Paste the federation metadata document URL you copied.

  • Authentication type: Paste the entityID value you copied.

  • Service provider realm: Enter your site's URL.

  • Assertion service consumer URL: If your site uses a custom domain name, enter the custom URL; otherwise, leave the default value, which should be your site's reply URL. Be sure the value is exactly the same as the redirect URI of the application you created.

Additional settings in Power Pages

The additional settings give you finer control over how users authenticate with your WS-Federation identity provider. You don't need to set any of these values. They're entirely optional.

  • Sign-out reply: Enter the URL to return to after the user signs out.

  • Validate audience: Turn on this setting to validate the audience during token validation.

  • Valid audiences: Enter a comma-separated list of audience URLs.

  • WHR: Enter the home realm of the identity provider. This value sets the WS-Federation sign-in request whr parameter. If this setting is empty, the whr parameter isn't included in the request.

  • Contact mapping with email: This setting determines whether contacts are mapped to a corresponding email address when they sign in.

    • On: Associates a unique contact record with a matching email address and automatically assigns the external identity provider to the contact after the user successfully signs in.
    • Off

Update app ID URI in site settings

If you're using the auto-generated URI for the app ID URI, you'll need to change the value in your site settings.

  1. Open the Portal Management app and go to Site Settings.

  2. Change the value of the site setting Authentication/WsFederation/WSFederation_1/Wtrealm to the auto-generated app ID URI.

  3. Select Save.
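
A pre-flight check for the values entered in the steps above, as an added example that is not from the original page or from Microsoft: it reads the entityID and the passive sign-in endpoint from a federation metadata document, builds the WS-Federation sign-in request (leaving out whr when it is empty), and reports site settings that don't match the app registration. The sample metadata, hosts, IDs and the dictionary key names are constructed placeholders.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

NS = {"fed": "http://docs.oasis-open.org/wsfed/federation/200706",
      "wsa": "http://www.w3.org/2005/08/addressing"}

# Constructed sample, trimmed to the fields used here; hosts and IDs are placeholders.
SAMPLE_METADATA = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706"
    xmlns:wsa="http://www.w3.org/2005/08/addressing"
    entityID="https://sts.example.test/00000000-0000-0000-0000-000000000000/">
  <RoleDescriptor protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706">
    <fed:PassiveRequestorEndpoint><wsa:EndpointReference>
      <wsa:Address>https://login.example.test/wsfed</wsa:Address>
    </wsa:EndpointReference></fed:PassiveRequestorEndpoint>
  </RoleDescriptor>
</EntityDescriptor>"""

def read_metadata(xml_text):
    """Return (entityID, passive sign-in endpoint) from federation metadata."""
    root = ET.fromstring(xml_text)
    addr = root.find(".//fed:PassiveRequestorEndpoint/wsa:EndpointReference/wsa:Address", NS)
    return root.get("entityID"), addr.text.strip()

def build_signin_url(endpoint, wtrealm, wreply, whr=""):
    """Build the WS-Federation sign-in request; whr is left out when empty."""
    params = {"wa": "wsignin1.0", "wtrealm": wtrealm, "wreply": wreply}
    if whr:
        params["whr"] = whr
    return endpoint + "?" + urlencode(params)

def check_settings(site, app, entity_id):
    """Return the mismatches between site settings and the app registration."""
    problems = []
    if site["authentication_type"] != entity_id:
        problems.append("Authentication type is not the metadata entityID")
    if site["wtrealm"] != app["app_id_uri"]:
        problems.append("Wtrealm does not match the app ID URI")
    if site["assertion_consumer_url"] != app["redirect_uri"]:  # exact string match
        problems.append("Assertion service consumer URL differs from the redirect URI")
    return problems

if __name__ == "__main__":
    entity_id, endpoint = read_metadata(SAMPLE_METADATA)
    app = {"app_id_uri": "api://placeholder-app-id", "redirect_uri": "https://site.example.test/reply"}
    site = {"authentication_type": entity_id, "wtrealm": "https://site.example.test/",
            "assertion_consumer_url": app["redirect_uri"]}
    print(check_settings(site, app, entity_id))  # Wtrealm still holds the site URL
    print(build_signin_url(endpoint, app["app_id_uri"], app["redirect_uri"]))
```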

See also

Set up a WS-Federation provider
Set up a WS-Federation provider with AD FS

SQL Server: move database files to a new drive


When you need to move SQL Server database files to a new location, there are a few approaches you can take. Let me outline a couple of methods for you:

  1. Detach and Attach Method:

    • Detach the Database: First, detach the database using the sp_detach_db stored procedure or through SQL Server Management Studio (SSMS).
    • Move Files: Physically move the detached database files (both data and log files) to the desired location.
    • Attach the Database: Finally, attach the database using the sp_attach_db stored procedure or SSMS. Make sure to specify the new file paths during attachment.
  2. ALTER DATABASE Method:

    • Take Database Offline: Use the following command to take the database offline:
      USE master;
      ALTER DATABASE TestDB SET OFFLINE;

    • Move Files: Physically move the data and log files to the new locations.
    • Modify File Paths: Alter the database to use the new paths for its files:
      USE master;
      ALTER DATABASE TestDB MODIFY FILE (NAME = TestDB, FILENAME = 'C:\MSSQL\UserDBData\TestDB.mdf');
      ALTER DATABASE TestDB MODIFY FILE (NAME = TestDB_log, FILENAME = 'C:\MSSQL\UserDBLog\TestDB_log.ldf');

    • Bring Database Online: Finally, bring the database back online.

 

How to fix Recovery Pending State in SQL Server Database?


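-- Put the database in EMERGENCY mode (read-only, sysadmin access only).
ALTER DATABASE [DBName] SET EMERGENCY;
GO

-- CHECKDB repair options require single-user mode.
ALTER DATABASE [DBName] SET SINGLE_USER;
GO

-- REPAIR_ALLOW_DATA_LOSS may deallocate damaged pages, so data can be lost.
DBCC CHECKDB ([DBName], REPAIR_ALLOW_DATA_LOSS) WITH ALL_ERRORMSGS;
GO

-- Return the database to normal multi-user access.
ALTER DATABASE [DBName] SET MULTI_USER;
GO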