Prerequisites
-
Before you can use any of the features of the connector, IQService must be installed on the computer with the same domain as that of SharePoint Server. For more information about installing IQService, refer to the IQService guide.
-
Install PowerShell version 3.0 or later on the SharePoint Server.
-
To enable the connector to remotely communicate with the SharePoint Server using PowerShell commands, complete the following on the SharePoint Server computer:
-
Ensure that the WinRM service is running on the SharePoint Server and on the IQService system.
-
Run the following command to enable PowerShell remoting:
Enable-PSRemoting -Force
-
Run the following command on the SharePoint Server to configure trust between the SharePoint Server system and the IQService system:
Set-Item wsman:\localhost\client\trustedhosts "<IQService Host>"
-
When IQService establishes a remote PowerShell session with the SharePoint Server, it uses the CredSSP authentication mechanism by default.
Run the following command to set CredSSP as the authentication type for the remote PowerShell session to work on respective computers:
On the SharePoint Server:
Enable-WSManCredSSP -Role ServerOn the IQService System:
Enable-WSManCredSSP -Role client -DelegateComputer "<SharePoint Server System Name>"If you want to use Authentication mechanism as Default, add the following entry in the application debug page:
<entry key="Authentication" value="default"/>
Note
SailPoint only supports the CredSSP and Default authentication mechanisms. -
On the SharePoint Server and IQService system, restart the WinRM service for the new settings to take effect:
Restart-Service WinRM
-