Test-AdfsFarmInstallation

Runs prerequisite checks for installing a new federation server farm.

Syntax

ADFSFarmCreateLocalDatabase (Default)

Test-AdfsFarmInstallation
    -FederationServiceName <String>
    -ServiceAccountCredential <PSCredential>
    [-CertificateThumbprint <String>]
    [-Credential <PSCredential>]
    [-FederationServiceDisplayName <String>]
    [-OverwriteConfiguration]
    [-SSLPort <Int32>]
    [-TlsClientPort <Int32>]
    [-AdminConfiguration <Hashtable>]
    [<CommonParameters>]

ADFSFarmCreateLocalDatabaseDisableAutoCertRollover

Test-AdfsFarmInstallation
    -DecryptionCertificateThumbprint <String>
    -FederationServiceName <String>
    -ServiceAccountCredential <PSCredential>
    -SigningCertificateThumbprint <String>
    [-CertificateThumbprint <String>]
    [-Credential <PSCredential>]
    [-FederationServiceDisplayName <String>]
    [-OverwriteConfiguration]
    [-SSLPort <Int32>]
    [-TlsClientPort <Int32>]
    [-AdminConfiguration <Hashtable>]
    [<CommonParameters>]

ADFSFarmCreateSharedDatabaseDisableAutoCertRollover

Test-AdfsFarmInstallation
    -DecryptionCertificateThumbprint <String>
    -FederationServiceName <String>
    -ServiceAccountCredential <PSCredential>
    -SigningCertificateThumbprint <String>
    -SQLConnectionString <String>
    [-CertificateThumbprint <String>]
    [-Credential <PSCredential>]
    [-FederationServiceDisplayName <String>]
    [-OverwriteConfiguration]
    [-SSLPort <Int32>]
    [-TlsClientPort <Int32>]
    [-AdminConfiguration <Hashtable>]
    [<CommonParameters>]

AdfsFarmCreateLocalDatabaseDisableAutoCertRolloverGmsa

Test-AdfsFarmInstallation
    -DecryptionCertificateThumbprint <String>
    -FederationServiceName <String>
    -GroupServiceAccountIdentifier <String>
    -SigningCertificateThumbprint <String>
    [-CertificateThumbprint <String>]
    [-Credential <PSCredential>]
    [-FederationServiceDisplayName <String>]
    [-OverwriteConfiguration]
    [-SSLPort <Int32>]
    [-TlsClientPort <Int32>]
    [-AdminConfiguration <Hashtable>]
    [<CommonParameters>]

AdfsFarmCreateSharedDatabaseDisableAutoCertRolloverGmsa

Test-AdfsFarmInstallation
    -DecryptionCertificateThumbprint <String>
    -FederationServiceName <String>
    -GroupServiceAccountIdentifier <String>
    -SigningCertificateThumbprint <String>
    -SQLConnectionString <String>
    [-CertificateThumbprint <String>]
    [-Credential <PSCredential>]
    [-FederationServiceDisplayName <String>]
    [-OverwriteConfiguration]
    [-SSLPort <Int32>]
    [-TlsClientPort <Int32>]
    [-AdminConfiguration <Hashtable>]
    [<CommonParameters>]

ADFSFarmCreateSharedDatabase

Test-AdfsFarmInstallation
    -FederationServiceName <String>
    -ServiceAccountCredential <PSCredential>
    -SQLConnectionString <String>
    [-CertificateThumbprint <String>]
    [-Credential <PSCredential>]
    [-FederationServiceDisplayName <String>]
    [-OverwriteConfiguration]
    [-SSLPort <Int32>]
    [-TlsClientPort <Int32>]
    [-AdminConfiguration <Hashtable>]
    [<CommonParameters>]

AdfsFarmCreateLocalDatabaseGmsa

Test-AdfsFarmInstallation
    -FederationServiceName <String>
    -GroupServiceAccountIdentifier <String>
    [-CertificateThumbprint <String>]
    [-Credential <PSCredential>]
    [-FederationServiceDisplayName <String>]
    [-OverwriteConfiguration]
    [-SSLPort <Int32>]
    [-TlsClientPort <Int32>]
    [-AdminConfiguration <Hashtable>]
    [<CommonParameters>]

AdfsFarmCreateSharedDatabaseGmsa

Test-AdfsFarmInstallation
    -FederationServiceName <String>
    -GroupServiceAccountIdentifier <String>
    -SQLConnectionString <String>
    [-CertificateThumbprint <String>]
    [-Credential <PSCredential>]
    [-FederationServiceDisplayName <String>]
    [-OverwriteConfiguration]
    [-SSLPort <Int32>]
    [-TlsClientPort <Int32>]
    [-AdminConfiguration <Hashtable>]
    [<CommonParameters>]

Description

The Test-AdfsFarmInstallation cmdlet performs the checks that you must complete before you run the Install-AdfsFarm cmdlet to install a new federation server farm.

Examples

Example 1: Test the creation of a node in a federation server farm

PS C:\> $Cred = Get-Credential
PS C:\> Test-AdfsFarmInstallation -CertificateThumbprint 8169c52b4ec6e77eb2ae17f028fe5da4e35c0bed -FederationServiceName "FS.Corp.Contoso.com" -ServiceAccountCredential $Cred

The first command uses the Get-Credential cmdlet to create a credential object for the Active Directory account under which the AD FS service runs. The command stores the credential object in the $Cred variable.

The second command tests the creation of the first node in a federation server farm that uses the Windows Internal Database on the local server computer. The command specifies a thumbprint of the certificate. AD FS uses this certificate as the SSL certificate and the service communications certificate. The command uses automatically generated, self-signed certificates for the token signing and token decryption certificates. The command specifies the credentials stored in $Cred for the Active Directory account under which the AD FS service runs.
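
A pre-flight check that can precede the cmdlet, given here as an added example that is not part of the original reference page: it confirms that each thumbprint resolves to an in-date certificate with a private key in Cert:\LocalMachine\My and that the federation service name appears among the SSL certificate's DNS names, then runs Test-AdfsFarmInstallation with the AdfsFarmCreateLocalDatabaseDisableAutoCertRolloverGmsa parameter set. The thumbprint placeholders, the gMSA name and the helper Get-ValidLocalCertificate are assumptions, and treating "valid" as in-date with a private key is this example's interpretation.

```powershell
# Added example. Thumbprints are placeholders; the gMSA name is constructed.
$FederationServiceName = 'fs.corp.contoso.com'
$GmsaIdentifier        = 'CONTOSO\adfsgmsa$'
$Thumbprints = @{
    Ssl        = '<SSL-CERT-THUMBPRINT>'
    Signing    = '<SIGNING-CERT-THUMBPRINT>'
    Decryption = '<DECRYPTION-CERT-THUMBPRINT>'
}

# Hypothetical helper: returns the certificate or throws with the reason it is unusable.
function Get-ValidLocalCertificate {
    param([string]$Role, [string]$Thumbprint)
    $cert = Get-ChildItem -Path Cert:\LocalMachine\My |
        Where-Object { $_.Thumbprint -eq $Thumbprint }
    if (-not $cert) { throw "$Role certificate $Thumbprint not found in Cert:\LocalMachine\My" }
    $now = Get-Date
    if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
        throw "$Role certificate is outside its validity period"
    }
    if (-not $cert.HasPrivateKey) { throw "$Role certificate has no private key on this server" }
    $cert
}

$certs = @{}
foreach ($role in $Thumbprints.Keys) {
    $certs[$role] = Get-ValidLocalCertificate -Role $role -Thumbprint $Thumbprints[$role]
}

# FederationServiceName must match the name on the SSL certificate.
# Exact (case-insensitive) match only; wildcard certificates are not handled here.
$sslNames = $certs.Ssl.DnsNameList | ForEach-Object { $_.Unicode }
if ($sslNames -notcontains $FederationServiceName) {
    throw "SSL certificate names ($($sslNames -join ', ')) do not include $FederationServiceName"
}

# Supplying signing and decryption thumbprints disables automatic certificate
# rollover, so both must be given together (see the parameter descriptions).
$params = @{
    FederationServiceName           = $FederationServiceName
    GroupServiceAccountIdentifier   = $GmsaIdentifier
    CertificateThumbprint           = $Thumbprints.Ssl
    SigningCertificateThumbprint    = $Thumbprints.Signing
    DecryptionCertificateThumbprint = $Thumbprints.Decryption
    ErrorAction                     = 'Stop'
}
Test-AdfsFarmInstallation @params
```

Using the group Managed Service Account parameter set means no service account password is collected or held in a PSCredential variable during the check.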

Parameters

-AdminConfiguration

Specifies admin configuration.

Parameter properties

Type:Hashtable
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-CertificateThumbprint

Specifies the value of the thumbprint of the certificate that the Secure Sockets Layer (SSL) binding of the default website uses in Internet Information Services (IIS). This value must match the thumbprint of a valid certificate in the certificate store of the local computer.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Credential

Specifies a PSCredential object based on a user name and password. To obtain a PSCredential object, use the Get-Credential cmdlet. For more information, type Get-Help Get-Credential.

Parameter properties

Type:PSCredential
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DecryptionCertificateThumbprint

Specifies the value of the thumbprint of the certificate that Active Directory Federation Services (AD FS) uses for token decryption. If you specify this parameter, AD FS disables automatic certificate rollover, and you must specify a token signing certificate by specifying the SigningCertificateThumbprint parameter. This value must match the thumbprint of a valid certificate in the certificate store of the local computer.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

ADFSFarmCreateLocalDatabaseDisableAutoCertRollover
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
ADFSFarmCreateSharedDatabaseDisableAutoCertRollover
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AdfsFarmCreateLocalDatabaseDisableAutoCertRolloverGmsa
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AdfsFarmCreateSharedDatabaseDisableAutoCertRolloverGmsa
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-FederationServiceDisplayName

Specifies the display name of the Federation Service. The name of the Federation Service appears by default in sign-in pages.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-FederationServiceName

Specifies the Domain Name System (DNS) name of the Federation Service. This value must match the subject name of the certificate that you configure on the SSL binding in IIS.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-GroupServiceAccountIdentifier

Specifies the name of the group Managed Service Account that the AD FS service uses as the logon identity for the AD FS Windows service.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

AdfsFarmCreateLocalDatabaseDisableAutoCertRolloverGmsa
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AdfsFarmCreateSharedDatabaseDisableAutoCertRolloverGmsa
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AdfsFarmCreateLocalDatabaseGmsa
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AdfsFarmCreateSharedDatabaseGmsa
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-OverwriteConfiguration

Indicates that the AD FS service removes an existing AD FS configuration database and overwrites it with a new database.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ServiceAccountCredential

Specifies a PSCredential object based on a user name and password for the service account in Active Directory® Domain Services under which the AD FS service runs. To obtain a PSCredential object, use the Get-Credential cmdlet. For more information, type Get-Help Get-Credential.

Parameter properties

Type:PSCredential
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

ADFSFarmCreateLocalDatabase
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
ADFSFarmCreateLocalDatabaseDisableAutoCertRollover
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
ADFSFarmCreateSharedDatabaseDisableAutoCertRollover
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
ADFSFarmCreateSharedDatabase
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-SigningCertificateThumbprint

Specifies the value of the thumbprint of the certificate that the AD FS service uses for token signing. If you specify this parameter, AD FS disables automatic certificate rollover, and you must also specify a token decryption certificate by using the DecryptionCertificateThumbprint parameter. This value must match the thumbprint of a valid certificate in the certificate store of the local computer.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

ADFSFarmCreateLocalDatabaseDisableAutoCertRollover
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
ADFSFarmCreateSharedDatabaseDisableAutoCertRollover
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AdfsFarmCreateLocalDatabaseDisableAutoCertRolloverGmsa
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AdfsFarmCreateSharedDatabaseDisableAutoCertRolloverGmsa
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-SQLConnectionString

Specifies the Microsoft SQL Server database that stores the AD FS configuration settings. If you do not specify this parameter, the AD FS installer uses the Windows Internal Database to store configuration settings.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

ADFSFarmCreateSharedDatabaseDisableAutoCertRollover
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AdfsFarmCreateSharedDatabaseDisableAutoCertRolloverGmsa
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
ADFSFarmCreateSharedDatabase
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
AdfsFarmCreateSharedDatabaseGmsa
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-SSLPort

Specifies the value of the port number of the SSL binding that the AD FS website uses.

Parameter properties

Type:Int32
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-TlsClientPort

Specifies the port number that the AD FS service uses for Transport Layer Security (TLS) authentication for the user certificate client. The default value is 49443.

Parameter properties

Type:Int32
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Outputs

Object