In this short arcticle you’re gonna find out how to check ADFS product version on multiple remote servers. Recently I had to scan my environment for auditing purpose. One of the tasks was to compare ADFS service product version. ADFS product version To check it on single machine we can use Get-Item cmdlet: It getting a little bit more complicated if you have plenty of severs and they are Server …
Today I want to share simple script for getting ADFS token requests remotely. It might be useful if you want to ensure that load is equally processed in your farm. ADFS token requests Script is based on Get-Counter command where we have to specify ADFS tokens counter “\AD FS\token requests/sec”. It monitors the number of token requests sent to the federation server including SSOAuth token requests per second. More info …
Updating XML file is pretty simple. The more difficult part is to do this remotely and create nice formatted output. In this article I will try to explain how to do this in simple way. Updating XML file Lets say that structure of our Web.Config XML file will look like this and we want to check value from Encryption key: Configuration -> AdfsConfiguration -> Certificate -> Add To import file …
A long time ago I added short article about checking CPU and Memory utilization. This time I wanted to create simple report with few additional details. Memory utilization Checking memory utilization can be done in multiple ways. This time I want to show you how to do this using Get-WMIObject command. Here you can see simple one-liner script to check top 5 processes: As you can see above output doesn’t …
Taskkill command can be very useful when it comes to daily operational tasks. I often had situation that several ADFS web servers were not working properly. Recently I’ve been flooded by SCOM alerts about service failure. First recommended step is to restart ADFS service. Unfortunately normal service restart does not solve the issue. Taskkill command comes to rescue – it allows to terminate completely affected process. Taskkill Ends one or …
Recently I had to check if adfssvr account is present in “Generate security audits” policy settings. As I’m working in large scale environment and mostly on server cores it was obvious that it needs to be done by script. User Rights Assignment Below you can find list of user rights. In this example we will focus on SeAuditPrivilege – Generate security audits. More info about user rights – link. To …
Recently I was looking for easy way to export output into two columns CSV file. Finding solution for this was a little bit difficult because some values of the properties were another objects or they were for example data.table types. Below you will find how to do this based on one of the ADFS module commands. Get-AdfsRelyingPartyTrust The Get-ADFSRelyingPartyTrust cmdlet retrieves the relying party trusts in the Federation Service. You …
Today you will find out how to create token bloat report and send it to specified email address. If you are working in large scale environment you may find this useful. Token bloat There is often a situation when some user is complaining that he is unable to access some corporate applications. After short investigation you can find that one of the reason for that might be large number of …
Today I want to show you how to check relying party signing certificates. If you working in large scale ADFS environment where you have huge amount of relying parties it might be difficult to check lots of thing manually. This is why you are forced to use ADFS cmdlets available on microsoft pages – link. In this article you will find out how to check signing certificates using PowerShell function. …
During work in large scale ADFS environment there is often situation when you are forced to quickly restart IIS on multiple machines. Of course you won’t spend whole day doing this manually. In this article I would like to share one of my scripts which will help to determine the status of Web Application Pools and then restart IIS if needed. On the beginning of this script I added some …