Thursday, May 16, 2013

Incoming claim types do not include Claim Type... error message in SharePoint 2010

I was working with my SharePoint development environment and I had to add new Claim Mappings to my SharePoint Server based on some new Claims that I was sending from ADFS.

One of my options was to completely remove the SP-TrustedIdentityTokenIssuer and then completely re-create it with the new Claim Mappings, but that was a bit of a hassle, so I searched for other ways to simply add new Claim Mappings.

I found a partial answer here: http://blogs.dirteam.com/blogs/tomek/archive/2010/07/14/adding-claim-mapping-to-existing-provider-in-sps-2010-part-deux.aspx

However, as soon as I followed the instructions that were provided in the article, I received the following error message: Add-SPClaimTypeMapping: Incoming claim types do not include claim type 'http://schemas.xmlsoap.org/claims/Group

Interestingly enough, this was the same error message the article was attempting to solve!

Fortunately, I came across this other article which offered a complete solution: http://www.theidentityguy.com/articles/2010/10/19/adding-claims-to-an-existing-token-issuer-in-sharepoint-2010.html

The key point to note is that you have to add the Claim Type to the TrustedIdentityTokenIssuer 1st, ONLY THEN you can add the Claim Type Mapping!!

 $SPTrustedIdp = Get-SPTrustedIdentityTokenIssuer "sts"  
 $SPTrustedIdp.ClaimTypes.Add("http://schemas.xmlsoap.org/claims/Group")  
 $SPTrustedIdp.Update()  

 
 $GroupClaimType = "http://schemas.xmlsoap.org/claims/Group"  
 $groupClaim = New-SPClaimTypeMapping -IncomingClaimType $GroupClaimType -IncomingClaimTypeDisplayName "Group" -LocalClaimType $GroupClaimType  
 Add-SPClaimTypeMapping -Identity $groupClaim -TrustedIdentityTokenIssuer $SPTrustedIdp  

4 comments:

  1. This design is incredible! You definitely know how to keep a reader amused. I was almost moved to start my own blog μ˜¨λΌμΈμΉ΄μ§€λ…Έ

    ReplyDelete
  2. Fantastic job. I really enjoyed
    what you had to say, and more than that, how you presented it.
    Too cool! λ©”μ΄μ €μ‚¬μ΄νŠΈ

    ReplyDelete
  3. Thank you for your idea. You are such an incredible problem solver. λ¦΄κ²Œμž„

    ReplyDelete
  4. Such an incredible post with great informative content. Please keep me updated in this article. Share some more ideas in this article. Now its time to avail chauffeur service houston for more information.

    ReplyDelete