

Adding Claims to Trusted Identity Providers

SharePoint 2010 supports third-party identity providers. These identity providers authenticate and authorize users who request SharePoint resources. A SharePoint administrator configures a trusted identity provider for a SharePoint environment.

Claims are attributes or roles that a user has. Each claim has a name that identifies it and a value that the trusted identity provider verifies by connecting to a user directory.

For example, you can configure claims that correspond to the SamAccountName attribute of an Active Directory server or a uid of an LDAP directory server.

You can add a claim to a CA SiteMinder trusted identity provider at any time. The following illustration describes the process:

Flowchart showing process for adding claims to SiteMinder Trusted Identity Provider

To add a claim to a CA SiteMinder trusted identity provider, follow these steps:

  1. Verify that your account has the required permissions.
  2. Open a SharePoint 2010 Management Shell window on your SharePoint Central Administration server.
  3. Identify your CA SiteMinder trusted identity provider.
  4. Add a claim to your trusted identity provider.
  5. Verify that the new claim exists.
  6. Add an attribute mapping for the new claim.
  7. Update the affiliate domain with a response attribute.
  8. Search for and add users using the new claim.
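
The SharePoint-side part of this procedure (steps 3 to 5, plus registering the claim type mapping in SharePoint) can be scripted as in the following added example, which is not taken from the CA SiteMinder documentation. The provider name, claim type URI and display name are constructed placeholders, and the SiteMinder-side configuration in the later steps is not shown.

```powershell
# Added example. Run in the SharePoint 2010 Management Shell (step 2),
# which loads the SharePoint cmdlets automatically.

# Assumed values: replace with the ones from your environment.
$issuerName  = "SiteMinder TIP"                                   # hypothetical provider name
$claimType   = "http://schemas.example.com/claims/samaccountname" # constructed claim type URI
$displayName = "SamAccountName"                                   # constructed display name

# Step 3: list the registered trusted identity providers, then bind to yours.
Get-SPTrustedIdentityTokenIssuer | Select-Object Name, Description
$ti = Get-SPTrustedIdentityTokenIssuer -Identity $issuerName -ErrorAction Stop

# Step 4: add the claim only if it is not already present, so a rerun is harmless.
if ($ti.ClaimTypes -contains $claimType) {
    Write-Host "Claim type already registered on '$issuerName'; nothing to add."
}
else {
    $ti.ClaimTypes.Add($claimType)
    $ti.Update()

    # Register the claim type mapping so SharePoint recognises the incoming claim.
    $map = New-SPClaimTypeMapping -IncomingClaimType $claimType `
                                  -IncomingClaimTypeDisplayName $displayName `
                                  -SameAsIncoming
    Add-SPClaimTypeMapping -Identity $map -TrustedIdentityTokenIssuer $ti
}

# Step 5: reload the provider from the farm and confirm the claim was persisted.
$ti = Get-SPTrustedIdentityTokenIssuer -Identity $issuerName
if (-not ($ti.ClaimTypes -contains $claimType)) {
    throw "Claim type '$claimType' was not saved on '$issuerName'."
}

# Show every claim the provider now accepts; review this list for unexpected entries.
$ti.ClaimTypeInformation |
    Format-Table DisplayName, InputClaimType, MappedClaimType -AutoSize
```

Reviewing the final table after each change also gives a record of exactly which claims the farm trusts from this provider.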