en-US/about_SPTrustedIdentityTokenIssuerProviderRealms.help.txt

.NAME
    SPTrustedIdentityTokenIssuerProviderRealms
 
# Description
     
    **Type:** Distributed
    **Requires CredSSP:** No
     
    This resource is used to add or remove provider realms to
    SPTrustedIdentityTokenIssuer in a SharePoint farm. The "ProviderRealms"
    property will set a specific list of realms, making sure
    that every realm in the list is set and all others that are
    already configured but not in this list will be removed.
    The "ProviderRealmsToInclude" and "ProviderRealmsToExclude" properties
    will allow you to control a specific set of realms to add or remove,
    without changing any other realms that are set already. Include and
    Exclude can be combined together. RealmUrl is the key and should be
    unique, otherwise existing RealmUrn value will be updated/replaced.
 
.PARAMETER IssuerName
    Key - String
    Name of the SPTrustedIdentityTokenIssuer
 
.PARAMETER ProviderRealms
    Write - String
    Realms to set. Those not in this list will be removed
 
.PARAMETER ProviderRealmsToInclude
    Write - String
    Realms to add. Realms not in this list will be left
 
.PARAMETER ProviderRealmsToExclude
    Write - String
    Realms to remove. Realms not in this list will be left
 
.PARAMETER Ensure
    Write - String
    Allowed values: Present, Absent
    Present if the ProviderRealms should be created, or Absent if it should be removed
 
.PARAMETER InstallAccount
    Write - String
    POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5
 
.EXAMPLE 1
 
This example adds provider realms to existing trusted token issuer.
Existing will be removed.
 
Configuration Example
{
    param(
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $SetupAccount
    )
    Import-DscResource -ModuleName SharePointDsc
 
    node localhost {
        $ProviderRealms = @()
        $ProviderRealms += MSFT_SPProviderRealm {
                                RealmUrl = "https://search.contoso.com"
                                RealmUrn = "urn:sharepoint:contoso:search"
                            }
 
        $ProviderRealms += MSFT_SPProviderRealm {
                                RealmUrl = "https://intranet.contoso.com"
                                RealmUrn = "urn:sharepoint:contoso:intranet"
                                }
 
        SPTrustedIdentityTokenIssuerProviderRealms Farm1OverwriteExample
        {
            IssuerName = "Contoso"
            ProviderRealms = $ProviderRealms
            Ensure = "Present"
            PsDscRunAsCredential = $SetupAccount
        }
    }
}
 
.EXAMPLE 2
 
This example adds provider realms to existing trusted token issuer.
Existing are left and not removed.
 
Configuration Example
{
    param(
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $SetupAccount
    )
    Import-DscResource -ModuleName SharePointDsc
 
    node localhost {
 
        $ProviderRealmsToInclude = @()
        $ProviderRealmsToInclude += MSFT_SPProviderRealm {
                                RealmUrl = "https://search.contoso.com"
                                RealmUrn = "urn:sharepoint:contoso:search"
                                }
 
        $ProviderRealmsToInclude += MSFT_SPProviderRealm {
                                RealmUrl = "https://intranet.contoso.com"
                                RealmUrn = "urn:sharepoint:contoso:intranet"
                                }
 
        SPTrustedIdentityTokenIssuerProviderRealms Farm1IncludeExample
        {
            IssuerName = "Contoso"
            ProviderRealmsToInclude = $ProviderRealmsToInclude
            Ensure = "Present"
            PsDscRunAsCredential = $SetupAccount
        }
    }
}
 
.EXAMPLE 3
 
This example excludes provider realms from
existing trusted token issuer.
Existing and not excluded are left and not removed.
 
Configuration Example
{
    param(
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $SetupAccount
    )
    Import-DscResource -ModuleName SharePointDsc
 
    node localhost {
        $ProviderRealmsToExclude = @()
        $ProviderRealmsToExclude += MSFT_SPProviderRealm {
                                RealmUrl = "https://search.contoso.com"
                                RealmUrn = "urn:sharepoint:contoso:search"
                                }
 
        $ProviderRealmsToExclude += MSFT_SPProviderRealm {
                                RealmUrl = "https://intranet.contoso.com"
                                RealmUrn = "urn:sharepoint:contoso:intranet"
                                }
 
        SPTrustedIdentityTokenIssuerProviderRealms Farm1ExcludeExample
        {
            IssuerName = "Contoso"
            ProviderRealmsToExclude = $ProviderRealmsToExclude
            Ensure = "Present"
            PsDscRunAsCredential = $SetupAccount
        }
    }
}
 
.EXAMPLE 4
 
This example includes and excludes provider realms
from existing trusted token issuer.
Existing and not excluded are left and not removed.
 
Configuration Example
{
    param(
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $SetupAccount
    )
    Import-DscResource -ModuleName SharePointDsc
 
    node localhost {
        $ProviderRealmsToInclude = @()
        $ProviderRealmsToInclude += MSFT_SPProviderRealm {
                                RealmUrl = "https://search.contoso.com"
                                RealmUrn = "urn:sharepoint:contoso:search"
                                }
 
        $ProviderRealmsToInclude += MSFT_SPProviderRealm {
                                RealmUrl = "https://intranet.contoso.com"
                                RealmUrn = "urn:sharepoint:contoso:intranet"
                                }
 
        $ProviderRealmsToExclude = @()
        $ProviderRealmsToExclude += MSFT_SPProviderRealm {
                                RealmUrl = "https://search1.contoso.com"
                                RealmUrn = "urn:sharepoint:contoso:search1"
                                }
 
        $ProviderRealmsToExclude += MSFT_SPProviderRealm {
                                RealmUrl = "https://intranet.contoso.com"
                                RealmUrn = "urn:sharepoint:contoso:intranet"
                                }
 
        SPTrustedIdentityTokenIssuerProviderRealms Farm1IncludeExcludeExample
        {
            IssuerName = "Contoso"
            ProviderRealmsToInclude = $ProviderRealmsToInclude
            ProviderRealmsToExclude = $ProviderRealmsToExclude
            Ensure = "Present"
            PsDscRunAsCredential = $SetupAccount
        }
    }
}