I have a Host Header web application https://example.com (SharePoint 2013) where users will log in from ADFS using SAML Claims.
I am in the process of provisioning multiple site collections for individual tenants using the PowerShell cmdlet New-SPSite.
An example of a command I'm running is:
New-SPSite -Url "https://newtenant.com" -HostHeaderWebApplication $web -SiteSubscription $sub -Template "sts#0" -OwnerAlias "i:05.t|adfs|admin@newtenant.com"
The user admin@newtenant.com is an account which is valid and can be used to log in via ADFS (although I'm assuming this doesn't matter, because from my understanding setting -OwnerAlias should just accept anything if it's reading a SAML claim).
However, the command is failing every time due to an invalid -OwnerAlias parameter. The error I'm getting is:
New-SPSite : User cannot be found.
I can actually create the site when I use the username format DOMAIN\admin, so for some reason the cmdlet doesn't want to accept my claim unless it's a Windows account.
If I create the site using the Windows user format, I can then go into Central Admin and change the site owner to i:05.t|adfs|admin@newtenant.com without a problem.
I can even type in
$s = Get-SPSite "https://newtenant.com"
$s.Owner | fl *
And to my surprise, it does get set correctly as i:05.t|adfs|admin@newtenant.com.
If I try to set the owner using Set-SPSite, I then get the error:
Set-SPSite : The specified user i:05.t|adfs|admin@newtenant.com could not be found.
Is this a bug in the SharePoint PowerShell cmdlets? Is it possible I have a setting wrong somewhere?
This is really throwing a spanner in the works as I am hoping to integrate this into a script for provisioning of new tenants.
I am using a custom claims authentication provider to provide SAML Claims resolution and validation, but even if I debug it I get no breakpoint hits when I run New-SPSite.
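As an added example (not the poster's own script), the same provisioning step written so that the encoded owner alias is produced by New-SPClaimsPrincipal from a registered trusted identity token issuer rather than typed by hand, and the owner is read back afterwards the way the post does with Get-SPSite. The issuer name "adfs", the tenant URL, the owner UPN and the $web/$sub bindings are assumed from the post; whether this path avoids the "User cannot be found" error is not settled by the post.

```powershell
# Added example, not the original poster's script. Assumes the trusted identity
# token issuer is registered as "adfs" and that $web / $sub are the same bindings
# used in the post's New-SPSite call.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$issuerName = "adfs"                     # assumed issuer name (middle segment of i:05.t|adfs|...)
$tenantUrl  = "https://newtenant.com"    # assumed from the post
$ownerUpn   = "admin@newtenant.com"      # assumed from the post

# Fail early if the issuer name does not match a registered issuer: the encoded
# claim SharePoint accepts is tied to that registration, not to free-form text.
$issuer = Get-SPTrustedIdentityTokenIssuer -Identity $issuerName -ErrorAction Stop

# Let SharePoint build the encoded identity instead of hand-writing "i:05.t|adfs|...".
$claim      = New-SPClaimsPrincipal -Identity $ownerUpn -TrustedIdentityTokenIssuer $issuer
$ownerAlias = $claim.ToEncodedString()

$site = New-SPSite -Url $tenantUrl -HostHeaderWebApplication $web -SiteSubscription $sub `
    -Template "sts#0" -OwnerAlias $ownerAlias -ErrorAction Stop

# Read the owner back, as the post does, and confirm the encoded login was stored.
$owner = (Get-SPSite $tenantUrl).Owner
if ($owner.UserLogin -ne $ownerAlias) {
    Write-Warning "Owner mismatch: expected $ownerAlias, got $($owner.UserLogin)"
} else {
    Write-Output "Site $tenantUrl owned by $($owner.UserLogin)"
}
```

The -ErrorAction Stop on the issuer lookup and on New-SPSite makes a provisioning script halt on the first failed tenant rather than continuing with a half-created site.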