Hi,
We have seen it before: some SPs don't seem to be installed in the ADFS
server even though they're in the metadata, and when doing a manual import they import
without a problem.
The reason is (at least one reason) that we don't remove the SPs from the SPHash
file after deletion.
This means that if an SP is removed or temporarily gone from the metadata, it will be
deleted from the ADFS server but not from the SPHash file.
When the SP is back in the metadata with the same information, the hash will be the same
and therefore the Toolkit will ignore it and it will be missing in the ADFS server.
This needs a fix ASAP but is easy to do.
We also have some code to evaluate/repair the situation:
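# Skip the metadata signature check for this repair session
$Global:ADFSTkSkipMetadataSignatureCheck = $true
# Dot-source the private comparison helper from the module
. "C:\Program Files\WindowsPowerShell\Modules\ADFSToolkit\2.0.1\Private\Compare-ADFSTkObject.ps1"
# Entity IDs installed in ADFS, and entity IDs recorded in the SP hash file
$installed = [string[]](Get-ADFSTkToolEntityId -All | Select-Object -ExpandProperty Identifier)
$fromHash = [string[]](Import-Clixml "C:\ADFSToolkit\cache\Swamid-SPHashfile.xml").Keys
# SPs that are in the hash file but not installed
$compare = Compare-ADFSTkObject $installed $fromHash -CompareType InSecondSetOnly
# Force a re-import of each of them
foreach ($entityID in $compare.CompareSet)
{
    Import-ADFSTkMetadata -EntityId $entityID -ConfigFile "C:\ADFSToolkit\config\institution\config.Swamid.xml" -ForceUpdate
}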
Best regards
Johan Peterson
IT-Architect
Linköping University
IT-Department
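
The failure mode described in this message, as an added PowerShell model that is not part of the original e-mail and is not ADFSToolkit code: it runs three sync rounds (SP present, SP gone, SP back unchanged) with and without pruning the hash cache on deletion. All function names, the entityID, the descriptor string and the use of SHA-256 as the hash are assumptions made for illustration.

```powershell
# Constructed model of a hash-cached metadata sync (assumption, not ADFSToolkit code).
function Get-SpHash([string]$Xml) {
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try {
        $bytes = $sha.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($Xml))
        return [System.BitConverter]::ToString($bytes)
    } finally { $sha.Dispose() }
}

function Sync-Metadata {
    param(
        [hashtable]$Metadata,    # entityID -> SP descriptor currently in the feed
        [hashtable]$Installed,   # entityID -> descriptor installed on the server
        [hashtable]$HashCache,   # entityID -> hash of the last imported descriptor
        [switch]$PruneCacheOnDelete
    )
    # Removal pass: SPs no longer in the feed are deleted from the server.
    foreach ($id in @($Installed.Keys)) {
        if (-not $Metadata.ContainsKey($id)) {
            $Installed.Remove($id)
            if ($PruneCacheOnDelete) { $HashCache.Remove($id) }
        }
    }
    # Import pass: an SP is skipped when its hash matches the cached one.
    foreach ($id in $Metadata.Keys) {
        $hash = Get-SpHash $Metadata[$id]
        if ($HashCache[$id] -eq $hash) { continue }
        $Installed[$id] = $Metadata[$id]
        $HashCache[$id] = $hash
    }
}

function Test-Scenario([switch]$PruneCacheOnDelete) {
    $sp = 'https://sp.example.org/shibboleth'   # constructed entityID
    $feedWithSp = @{ $sp = '<EntityDescriptor entityID="https://sp.example.org/shibboleth"/>' }
    $installed = @{}; $cache = @{}
    # Feed with the SP, feed without it, then the SP returns unchanged.
    foreach ($feed in $feedWithSp, @{}, $feedWithSp) {
        Sync-Metadata -Metadata $feed -Installed $installed -HashCache $cache -PruneCacheOnDelete:$PruneCacheOnDelete
    }
    [pscustomobject]@{
        PruneCacheOnDelete   = [bool]$PruneCacheOnDelete
        InstalledAfterReturn = $installed.ContainsKey($sp)
        StaleCacheEntries    = @($cache.Keys | Where-Object { -not $installed.ContainsKey($_) })
    }
}

Test-Scenario                       # cache kept on delete: SP stays missing after it returns
Test-Scenario -PruneCacheOnDelete   # cache pruned on delete: SP is installed again
```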