Prerequisites
-
Configure at least one virtual appliance cluster and successfully test the connection. For instructions, refer to the Virtual Appliance Reference Guide.
-
Before you can use any of the features of the connector, IQService must be installed on the computer with the same domain as that of SharePoint Server. For more information about installing IQService, refer to the
-
Install PowerShell version 3.0 or later on the SharePoint Server.
-
To enable the connector to remotely communicate with the SharePoint Server using PowerShell commands, complete the following on the SharePoint Server computer:
-
Ensure that the WinRM service is running on the SharePoint Server and on the IQService system.
-
Run the following command to enable PowerShell remoting:
Enable-PSRemoting -Force
-
Run the following command on the SharePoint Server to configure trust between the SharePoint Server system and the IQService system:
Set-Item wsman:\localhost\client\trustedhosts "<IQService Host>"
-
When IQService establishes a remote PowerShell session with the SharePoint Server, it uses the CredSSP authentication mechanism by default.
Run the following command to set CredSSP as the authentication type for the remote PowerShell session to work on respective computers:
On the SharePoint Server:
Enable-WSManCredSSP -Role ServerOn the IQService System:
Enable-WSManCredSSP -Role client -DelegateComputer "<SharePoint Server System Name>"With the authentication mechanism set as default, add the
Authenticationattribute using the REST API. Note
For more information on SailPoint's REST APIs, refer to Best Practices: REST API Authentication and REST API - Update Source (Partial) in the SailPoint Developer Community.Note
SailPoint only supports the CredSSP and Default authentication mechanisms. -
On the SharePoint Server and IQService system, restart the WinRM service for the new settings to take effect:
Restart-Service WinRM
-