Using ADFS with SharePoint Foundation 2013?

We have a WSS 3.0 web site used primarily for sharing documents with business partners who do not work for our company.  We plan on doing the 2 step upgrade to SharePoint Foundation 2013
Our internal users also use it but normally just use internal network file shares if they aren't planning to share the documents with external users.
Each business partner's company has a sub site within our main WSS site and documents are uploaded to that section of the site if we want to share documents with employees of that company. 
Since we use AD for authentication, to make this work, we create AD user accounts for each external user and add them to a security group that gives them access to only their company's subsite on the main site.  
We have to maintain their passwords, reset them and delete/disable them when that person no longer needs access.  Each business partner has a limit on the number of users who can get one of our AD accounts due to limits on the number of CALs available
to them.  It is messy because these users often forget their passwords since they aren't using these accounts every day.  
Is there a better way to do this so that we no longer have create and maintain user accounts for external users other than having to do a domain trust with all these other domains?
I have heard of ADFS, but will it allow us to still control which sites and documents the external company users can access if we are not creating and managing the accounts and adding them to the correct security groups ourselves?
We don't want every user from the partner's domains to be able to access the site.  If we use ADFS, how do we keep control of which external users have access to the site?

Yes, you would add permissions just the same way you do with users from your local Active Directory. And yes, if you chose the email address to be the user's identifier, you would simply ask for the email addresses that you wanted and input those to the
appropriate permissions on your SharePoint sites.
You'll want to take a look at this:
http://blogs.msdn.com/b/russmax/archive/2013/10/31/guide-to-sharepoint-2013-host-name-site-collections.aspx
Also another thing to keep in mind is that you'll need to have those 3rd parties set up ADFS themselves, and you'll create an ADFS Trust between you and the 3rd party.
Trevor Seward
Follow or contact me at...
&nbsp&nbsp
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

Similar Messages

  • Using Office Web Apps Server with SharePoint Foundation 2013

    I want to know whether I can configure Office Web Apps server to edit Excel documents on a SharePoint Foundation 2013 site.
    I came across a TechNet article that states that "When used together with SharePoint Server 2013, Office Web Apps Server provides updated versions of Word Web App, Excel Web App, PowerPoint Web App, and OneNote Web App".
    However, later in the same article, it states "If your organization licenses Office 2013 through a Volume Licensing program, you can enable Office Web Apps editing for SharePoint 2013 on-premises" (without mentioning Foundation or Server).

    Hi Lemesnil,
    The Office Web App server should support the Edit licenses for SharePoin Foundation 2013, Office Web App is free to
    download, you can also try installing and configuring in a test environment, see more from the below article applied to SharePoint Foundation 2013.
    http://support.microsoft.com/kb/2886404/en-us
    http://blogs.technet.com/b/speschka/archive/2012/12/31/enabling-licensing-and-editing-for-office-web-apps-in-sharepoint-2013.aspx
    Anohter useful article aobut how to license Office Web App server, you can take a look.
    http://blogs.technet.com/b/volume-licensing/archive/2013/05/22/how-to-license-office-web-apps-server.aspx
    Thanks
    Daniel Yang
    TechNet Community Support

  • Newsfeed with SharePoint Foundation 2013

    Hi,
    I want to have a couple of news feeds on my SharePoint Foundation 2013 Sites. I want everyone to comment on these news feeds. Which list/web part would do the best jobs?
    Each individual user should have the ability to have an aggregated view of a subset of these feeds. Which technology would be available for this?
    Thanks for any advice
    Peter

    If you are looking for utilizing the OOB features of SharePoint Foundation, Discussion board is the only option which provides commenting on items.
    Raghavendra Shanbhag | Blog: www.SharePointColumn.com
    Please click "Propose As Answer " if a post solves your problem or "Vote As Helpful" if a post has been useful to you.
    Disclaimer: This posting is provided "AS IS" with no warranties.

  • Team Foundation Server 2013 with SharePoint Foundation 2013 - Search not available?

    Hello,
    we installed a TFS 2013  and let it deploy SharePoint Foundation on the same server. We are now faced with the fact that search in the teamsites is not working. I tried to get that search service up and running in a number of ways but it appears
    as if there's no search service at all.
    I have seen all the blogs where people are explaining how to provision a search service application for SharePoint Foundation but none of these ways work.
    So, my question... is it possible to get it working?
    PS. Please don't advice to post this on the TFS forum... I'm coming from there. They just closed my question as answered with the advice to post it in the SharePoint forum.
    TIA,
    Bart

    Well,
    When you go to the Search Settings in the Site Actions menu of a site, a message is displayed that there's no search Service. Which is kind of normal since there's no Search Service Application provisioned.
    When I go to Central Administration => Services on Server => There's no Search Service.
    When I go to Central Administration and I run the configuration wizard, there's no search service application to be provisioned.
    There's a Search Administration section in the General Settings but it only displays the upper section. The lower section (with the Search Service Application information) just gives me nothing. An animated loading icon.
    I tried to provision the services with psconfig (psconfig -cmd services -install) but there's still no search service to be found anywhere. After this, I do have a Search Host Controller service but when I try to start it in Central Administration, it just
    gives me an error.
    I'm starting to think it's not a full SharePount Foundation which is shipped with TFS.
    The only thing we want to achieve is that a user can search for a document he uploads in a team site which is created by TFS. Seems not possible... unless I'm missing something here.

  • Creating a Link to a Folder on a Server with Sharepoint Foundation 2013

    Hi All,
    I am looking to create a link from a page on my Sharepoint site to a folder on one of the companies servers. I have had a lot of trouble with this.
    Is there a piece of code I can use to do this?
    Thanks in advance.

    Ahh. You are using SharePoint Foundation. Yes in that case you would not have that feature.
    That makes your requirements bit tricky given I verified creating this link without Publishing feature activated and it did not work and hence I tend to believe that it would not work in your case without that feature.
    What you can try is drop the page viewer web part and try configuring it to open your file share and see if that helps. I do not have Foundation otherwise I would have verified this before posting but give it a try and see if it helps.
    http://neelb.wordpress.com/2011/09/16/displaying-a-web-site-or-file-or-a-folder-in-the-page-viewer-web-part/
    Amit

  • Schedule SharePoint Server 2013 discoveries along with SharePoint Foundation 2013 discoveries

    Hi
    So I'm trying to add the SharePoint Server discoveries in SCOM 2012 - pasted the code straight of the MS guide into the config file:
        <Workflow Id="MOSSInstallation.Discovery;WACInstallation.Discovery;SearchExpressInstallation.Discovery;SearchStandardInstallation.Discovery" MP="Microsoft.SharePoint.Server.2013.Discovery" Type="Discovery"
    Times="1" />
        <Workflow Id="SPService.Discovery" MP="Microsoft.SharePoint.Server.2013.Discovery" Type="Discovery" Times="4" />
        <Workflow Id="SPSharedService.Discovery" MP="Microsoft.SharePoint.Server.2013.Discovery" Type="Discovery" Times="4" />
        <Workflow Id="SPSharedService.Discovery.WAC" MP="Microsoft.SharePoint.Server.2013.Discovery" Type="Discovery" Times="4" />
    However when I run the "Configure" Task I get the following error: (NOTE - I discovered that the Dir "Monitoring Host Temporary Files 28803\2522979" does not even exist - )
    The Event Policy for
    the process started at 8:13:26 AM has detected errors in the output. The
    'StdErr' policy expression:
    .+
    matched the
    following output:
    Exception calling
    "GetDiscovery" with "1" argument(s): "An object of
    class ManagementPackDiscovery with ID fedca251-56d5-be00-d6af-9cae645d6f36 was
    not found."
    Failed to find
    workflows WSSInstallation.Discovery in Microsoft.SharePoint.Foundation.Library
    Command executed:
    "C:\Windows\system32\cmd.exe" /c powershell.exe -NoLogo -NoProfile
    -Noninteractive "$ep = get-executionpolicy; if ($ep -gt 'RemoteSigned')
    {set-executionpolicy remotesigned} & '"E:\Program Files\System Center
    2012\Operations Manager\Server\Health Service State\Monitoring Host Temporary
    Files 28803\2522979\AdminTask.ps1"'
    'Microsoft.SharePoint.Foundation.Library.mp.config'"
    Working Directory:
    C:\Program Files\System Center Management Packs\
    One or more
    workflows were affected by this.
    Workflow name:
    Microsoft.SharePoint.ConfigSharePoint
    Instance name:
    Microsoft SharePoint Farm Group
    Instance ID:
    {6CB0A80D-D833-26EA-13C1-0CA48A57F5E2}
    Management group:
    Error Code:
    -2130771918 (Unknown error (0x80ff0032)).
    If anyone has any ideas that would be great -
    J

    Hello Jon,
    Thank you for your question.
    We are currently looking into this issue and will give you an update as soon as possible.
    Thank you for your understanding and support.
    Victoria
    Forum Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]
    Victoria Xia
    TechNet Community Support

  • Sharepoint Foundation 2013 User field issue

    Guys, I have an issue with Sharepoint Foundation 2013 site that we have created some custom workflows for. We have a couple required fields that we type in a users name and it automatically pulls up a user based on Active directory. once we choose that name
    and then save the form. the field immediately becomes blank when i open the workflow item back up. I'm kind of at a loss. I've already totally hosed the server once and was forced to restore.  This seams to have started when we installed share point server
    patch KB2881077 but i cannot uninstall or roll back the patch as there is no option to.
    Thoughts?

    If you're using SharePoint 2013 April 2013 CU or higher, this is a known issue where the People data is missing in Edit view. There is a separate issue that is resolved in the September 2014 CU:
    http://support.microsoft.com/kb/2995905
    Consider the following scenario:
    You create a SharePoint 2013 list that contains a Person or Group (people picker) column.
    You create or edit an item, and then you select a person whose name contains a comma in the Person or Group field.
    In this scenario, the value of the Person or Group field is lost when you save the item. 
    Trevor Seward
    Follow or contact me at...
    &nbsp&nbsp
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • MasterPages and SharePoint foundation 2013

    Hi
    I have created a web application in SharePoint Foundation 2013. I also have created multiple subsite.
    I want to change the visual (branding) of the website (and all subsites).
    I have created a custom masterpage and wanted to set it as the default master page. But when I do that, everything is now set with that custom masterpage (even the site setting pages, the viewlsts.aspx, settings.aspx).
    Is there a way to bind masterpages only with the content pages of my website ?
    Any links for info about that ?
    Thanks
    Richard Martin Web Developer / BI Developer

    Hi  marric01,
    All of the site setting pages, the viewlsts.aspx and settings.aspx is the application page. An application page is an ASP.NET Web page that is designed for
    use in a SharePoint Web site. Application pages are stored on the file system of the front-end Web server in the %ProgramFiles%\Common Files\Microsoft Shared\web server extensions\14\TEMPLATE\LAYOUTS directory and exist for every site in a Web application.
    This folder is mapped to an Internet Information Services (IIS) virtual directory called _layouts. Every site and subsite will have access to the application pages by using the _layouts virtual directory. 
    The scenario you have seen is what SharePoint will do when set the master page through Site Settings->Master page. All the pages on the site will apply this master page. 
    The settings.aspx, viewlsts.aspx and upload.aspx. etc. are application pages, the difference between application page and content page is that: application page store in server 15/Template/Layouts folder, all applications in the SharePoint farm use the same
    application page, while content page store in content database, each site use a unique page of them, you can update the page content in different site as you like.
    SharePoint by default doesn’t provide a method to set different master page for application pages, and this is not recommended, even if you can change this through update the page directly in the layouts folder, whenever you change it, it will affect the whole
    SharePoint farm, on all web applications.
    If you really need to this, I would suggest you to custom the ribbon button to direct to your custom specific application page like settings page. The concern by doing this is the default settings page is still available, and if users access the page by typing
    the url directly, he will see the default settings page.
    Reference:
    http://msdn.microsoft.com/en-us/library/aa979592.aspx
    Thanks,
    Eric
    Forum Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support,
    contact [email protected].
    Eric Tao
    TechNet Community Support
    Hi,
    Thanks for the information. While waiting for help with this forum, I was playing with SharePoint Foundation 2013 and SharePoint designer 2013. I saw that I can bind custom masterpage for each page that I create.
    (Style => Attach => Custom masterpage)
    I also managed to bind subsite pages to that same custom masterpage. 
    Is this a good way to customize the look and feel of my SharePoint foundation 2013 website (We are building a small intranet for about 100 person).
    Users are only gona be able to modify content inside the pages. We are (IT dept) the only one that can modify structure, add new pages and modify the look for the website.
    Thanks again !
    Richard
    Richard Martin Web Developer / BI Developer

  • SharePoint Foundation 2013 - Can we use the foundation for intranet portal with high availability ( medium farm)

    Today I had requirement, where we have to use the SharePoint Foundation 2013 (free version) to build an intranet portal ( basic announcement , calendar , department site , document management - only check-in check-out / Version).
     Please help me regarding the license  and size limitations. ( I know the feature comparison of Standard / Enterprise) I just want to know only about the installation process and license.
    6 Server - 2 App / 2 Web / 2 DB cluster ( so total license 6 windows OS license , 2 SQL Server license and Guess no sharepoint licenes)

    Thanks Trevor,
    Is load balance service also comes in free license... So, in that case I can use SharePoint Foundation 2013 version for building a simple Intranet & DMS ( with limited functionality).  And for Workflow and content management we have to write code.
    Windows Network Load Balancing (the NLB feature) is included as part of Windows Server and would offer high availability for traffic bound to the SharePoint servers. WNLB can only associate with up to 4 servers.
    Trevor Seward
    Follow or contact me at...
    &nbsp&nbsp
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • Sharepoint foundation 2013 : After doing backup cannot access the site "Sorry, this site hasn't been shared with you"

    I am using SharePoint Foundation 2013 , i have backed up the site using powershell with the following command:
    -backup-spsite -identity http://dmsserver/sites/demo/ -path C:\SPSiteBackup.bak
    After backup finished, i can't access the site, the message "Sorry, this site hasn't been shared with you" appears, even the site administrator collection is configured coorectly, with the  Administrator account.
    Whats the problem?
    Please Advice.

    Hi husseinsa,
    According to your description, my understanding is that you could not access the site after backing up the site collection in SharePoint 2013 Foundation.
    Could you access other sites at the same site collection?
    Let’s do a troubleshooting for this issue:
    Please delete the IE cache:  IE options->General->Delete, select all checkboxes, and click Delete.
    Go to CA->Application Management->Manage web applications, select the web application which hosts the problematic site .
    Click Permisson Policy, make sure there are not any deny policies for site collection administrator and site collection auditor.
    Back to the web application list page, click User Policy, check whether there are any user policies for denying permissions.
    Change the site collection administrator or add a secondary site collection administrator in CA, then use the new site collection administrator to log in the site, compare the result.
    Open IIS, expand the server, and click application pools.
    Find the problematic web application pool, make the identity of the pool is correct, then do an IISRESET, compare the result.
    If this issue still exists, please check the log file to find more information about this issue. The path of the log file is
    : C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS.
    Or you can use Event Viewer(Start->Run->event viewer) to find the log.
    I hope this helps.
    Thanks,
    Wendy
    Wendy Li
    TechNet Community Support

  • SharePoint Approval Workflow using SharePoint Designer in SharePoint Foundation 2013

    I am unable to do SharePoint Designer workflow for approval process and I didnt get any Approval process in Actions in SharePoint designer Workflow also I don't find workflow features in Site collection features SharePoint 2013.
    Even I am not able to do simple Out of the box Approval Workflow.
    Kindly help me with this

    Unfortunately, Out of the box workflows are not available in SharePoint foundation 2013, you need at least the standard version of SharePoint 2013.
    You can still create .Net Workflows using the 2010 plateform.
    Take a look at this great comparative between the three versions of SharePoint 2013 :
    http://blog.blksthl.com/2013/01/14/sharepoint-2013-feature-comparison-chart-all-editions/

  • Sharepoint foundation 2013: office docs can be opened in browser using IE but not in firefox or chrome?

    Hi
    Sharepoint foundation 2013:
    why when we open an excel or word  using chrome and firefox browser it wants to download the file.
    It can be opened in browser using IE but not in firefox or chrome?
    Any issues?
    Thanks

    Hello MGerio,
    Can you check what your Browser File Handling settings are of the web application (of the excel/word files)?
    http://social.technet.microsoft.com/wiki/contents/articles/8073.sharepoint-browser-file-handling-deep-dive.aspx
    - Dennis | Netherlands | Blog |
    Twitter

  • Site Login Behavior For SharePoint Foundation 2013 Users With Expired Passwords?

    What are the most user-friendly ways of getting external users with expired AD passwords back into the SharePoint site with a new working password?
    We already send automated email notifications to users reminding them to change their soon-to-expire passwords.  However, sometimes they miss seeing the email notifications before the password expires (such as after returning from vacation or just carelessness
    and lack of attention to email messages) or they see the warning messages and forget to act on it.
    When this happens and they try to log into the SharePoint site from the Internet, their login fails without telling the user the reason they can't log in is because their password expired.  So, they end up confused and call the help desk to get their
    password reset.
    Is there a way to set up SharePoint Foundation 2013 login in a similar way to the OWA login so that, when a user with a correct but expired password tries to log in, it gives them a prompt to set a new password right there rather than just an error indicating
    their login failed for unknown reasons or password is "incorrect?"

    It could be done. You get a different event log entry for an expired login attempt than for a wrong password, 4625 events denote a login failure and an error ID of 23 denotes a logon failure.
    A naff, but simple, approach would be to create a tool that checks your server logon event log for 4625 entries and then emails that user, or the help desk, or security, that they're trying to get onto your system with expired credentials.
    For a more polished experience you've got a lot more work and bluntly it's going to be impractical for you. You'd have to re-write sections of the SharePoint authentication process or intercept the process, both are risky and not a good idea to try.
    There's a really interesting paper here that might be of interest, it won't help you in your current situation but it might shed more light on the overall authentication/authorisation process.
    http://www.sans.org/reading-room/whitepapers/forensics/windows-logon-forensics-34132

  • Viewing PDF Portfolio using Adobe Acrobat XI Pro in Sharepoint Foundation 2013

    When opening a PDF Portfolio, created using Adobe Acrobat XI Pro, in Sharepoint Foundation 2013 the pages are blank in the default Layout view but you can see the contents in File view. How do we correct that so the files appear in both views? Local IT stated it is an ADOBE problem.

    [discussion moved to Creating, Editing & Exporting PDFs forum]

  • Collaborate on Excel workbooks with Sharepoint Foundation

    My company recently implemented SharePoint Foundation 2013 and our shared Excel workbooks are no longer allowing multiple users to collaborate at the same time. We have verified that all the settings and permissions are correct and that checking in and
    checking out is not required. Is this something that is not available with SharePoint Foundation? We are using Office 2013 installed on the clients, not Office online. Thank you.

    Co-authoring of Excel workbooks is only supported when all the editors are using the Excel web application, not the Excel client application.
    From
    Microsoft's overview of co-authoring in SharePoint 2013:
    >"Co-authoring is easy to use from the end user’s point of view. When a user wants to work on a document in Word 2013, PowerPoint 2013, OneNote 2013, Visio 2013 or one of the Office Web Apps, he or she merely opens it from SharePoint 2013 or SharePoint
    Online, as usual. If another user already has the document open, both users can edit the document at the same time.
    One exception to this is that users can co-author in Excel Web App only if everyone uses the Excel Web App to access the workbook. If anyone uses Excel 2013 or Excel 2010 (the client application)
    to access the workbook, co-authoring in Excel Web App will be disabled for that workbook while it is open in the client application."
    >"The Excel 2013 client application does not support co-authoring workbooks in SharePoint 2013 or SharePoint Online. But, the Excel client application uses the Shared Workbook feature to support non-real-time co-authoring workbooks that are stored
    locally or on network (UNC) paths."

Maybe you are looking for