One Important SAML Claims Property to Never Touch in SharePoint 2013

Hi folks, it has come to my attention that there is one particular property on the SPTrustedIdentityTokenIssuer in SharePoint 2013 that you should absolutely never ever touch or try to change in any way.  2013 introduces a new property on the SPTrustedIdentityTokenIssuer called the MetadataEndPoint, and I won’t even bother getting into what that property is all about or how it’s used because that would likely only increase your temptation to try and nuance it into doing something that it may not be able to.  Suffice for now to say that you do not want to try and set this property yourself.  It’s possible that there may be an application that modifies this or that we can loosen this restriction in the future, but for now I encourage you in the strongest terms possible to not fool around with it.  If you do it’s entirely possible for you to leave your farm in a state that is nearly non-functional and potentially unfixable – it certainly cannot be resolved by customers using any supported methodology.  Just a heads up to try and help you steer clear and stay safe out there.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s