Trouble configuring Service Connection Point in AD

  • Question

  • Hi,

    I wonder if someone can help me please. I am trying to implement issuance claim forms and SCP:

    I have set up the issuance of claims and need to configure SCP now. We don't have a test environment and I need to run the following script against our on-prem AD to create the SCP:


    $verifiedDomain = ""   # Replace this with any of your verified domain names in Azure AD
    $tenantID = "72f988bf-86f1-41af-91ab-2d7cd011db47"   # Replace this with your tenant ID
    $configNC = "CN=Configuration,DC=corp,DC=contoso,DC=com"   # Replace this with your AD configuration naming context

    # Bind to the Services container in the configuration partition
    $de = New-Object System.DirectoryServices.DirectoryEntry
    $de.Path = "LDAP://CN=Services," + $configNC

    # Create the Device Registration Configuration container and write it to AD
    $deDRC = $de.Children.Add("CN=Device Registration Configuration", "container")
    $deDRC.CommitChanges()

    # Create the SCP object, set its keywords, and write it to AD
    $deSCP = $deDRC.Children.Add("CN=62a0ff2e-97b9-4513-943f-0d221bd30080", "serviceConnectionPoint")
    $deSCP.Properties["keywords"].Add("azureADName:" + $verifiedDomain)
    $deSCP.Properties["keywords"].Add("azureADId:" + $tenantID)
    $deSCP.CommitChanges()



    Would anyone please suggest what could go wrong? Is it safe to run on AD?

    Would really appreciate the suggestions.


    Monday, June 18, 2018 3:39 PM
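
A read-only pre-flight check for the script in the question, added here as an example and not part of the original post: it reports whether the Device Registration Configuration container and the SCP object already exist and which keywords the SCP carries, without writing anything to the directory. The function name `Get-DeviceRegistrationScp` is hypothetical, and the check assumes a domain-joined machine and an account that can read the Configuration partition.

```powershell
# Added example: read-only check, makes no changes to Active Directory.
# Assumption: run from a domain-joined machine with read access to the
# Configuration partition. Get-DeviceRegistrationScp is a hypothetical name.
function Get-DeviceRegistrationScp {
    param(
        # Defaults to the forest's configuration naming context read from RootDSE,
        # so the DN does not have to be typed by hand.
        [string]$ConfigNC = ([ADSI]"LDAP://RootDSE").configurationNamingContext.Value
    )

    # Same object names the creation script uses
    $drcDN   = "CN=Device Registration Configuration,CN=Services,$ConfigNC"
    $drcPath = "LDAP://$drcDN"
    $scpPath = "LDAP://CN=62a0ff2e-97b9-4513-943f-0d221bd30080,$drcDN"

    $result = [ordered]@{
        ConfigNC        = $ConfigNC
        ContainerExists = [System.DirectoryServices.DirectoryEntry]::Exists($drcPath)
        ScpExists       = $false
        Keywords        = @()
    }

    if ($result.ContainerExists) {
        $result.ScpExists = [System.DirectoryServices.DirectoryEntry]::Exists($scpPath)
    }

    if ($result.ScpExists) {
        # Read the current azureADName / azureADId keywords for comparison
        $scp = New-Object System.DirectoryServices.DirectoryEntry($scpPath)
        $result.Keywords = @($scp.Properties["keywords"] | ForEach-Object { [string]$_ })
        $scp.Dispose()
    }

    [pscustomobject]$result
}

$state = Get-DeviceRegistrationScp
$state | Format-List

if ($state.ContainerExists) {
    # Children.Add + CommitChanges for an object that already exists throws,
    # so an existing container means the creation script should not be run as-is.
    Write-Warning "Device Registration Configuration already exists; review the keywords above before changing anything."
}
```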