Installation and upgrade steps
If you have SMS-based self-service password reset already configured, you can skip this step. If you don't already have an SmsServiceProvider, review the guide on creating an SmsServiceProvider.
Download the latest package from the releases page.
Add-SPSolution -LiteralPath "D:\temp\user-verification.wsp"
Install-SPSolution -Identity user-verification.wsp -WebApplication "http://mimportal.my.domain" -Force -GACDeployment -FullTrustBinDeployment
Enable-SPFeature -Identity user-verification -Url "http://mimportal.my.domain/IdentityManagement"
iisreset
stsadm -o addsolution -filename D:\temp\user-verification.wsp
stsadm -o deploysolution -name user-verification.wsp -url http://fim/IdentityManagement/ -immediate -allowgacdeployment
stsadm -o activatefeature -name user-verification -url http://fim/IdentityManagement/
Modify the SharePoint web.config file to include the lithnetUserVerification section, and configure the location of the SMS provider DLL.
- In the <configSections> element, add the following line:
<section name="lithnetUserVerification" type="Lithnet.ResourceManagement.UI.UserVerification.AppConfigurationSection, Lithnet.ResourceManagement.UI.UserVerification"/>
- Add the following section towards the end of the file. Replace the path to the SMS provider DLL as appropriate for your environment.
<lithnetUserVerification smsServiceProviderDll="%ProgramFiles%\Microsoft Forefront Identity Manager\2010\Service\SmsServiceProvider.dll" />
Ensure that any dependent DLLs that your SMS provider requires are located in the same path.
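One way to check the web.config edits described above is the following script. It is an added example, not part of the Lithnet project; the `$WebConfigPath` parameter is an assumption, so pass the path of your own portal's web.config.

```powershell
# Added example: verify the lithnetUserVerification entries in web.config.
# $WebConfigPath is an assumed parameter; supply your portal's web.config path.
param(
    [Parameter(Mandatory = $true)]
    [string]$WebConfigPath
)

$ErrorActionPreference = 'Stop'
$problems = @()

# XmlDocument.Load needs a full path, so resolve it first.
$config = New-Object System.Xml.XmlDocument
$config.Load((Resolve-Path -LiteralPath $WebConfigPath).ProviderPath)

# 1. The section handler must be registered under <configSections>.
$handler = $config.SelectSingleNode(
    "/configuration/configSections//section[@name='lithnetUserVerification']")
if ($null -eq $handler) {
    $problems += "No <section name='lithnetUserVerification'> under <configSections>."
}

# 2. The settings element must exist as a child of <configuration>.
$settings = $config.SelectSingleNode('/configuration/lithnetUserVerification')
if ($null -eq $settings) {
    $problems += 'No <lithnetUserVerification> element found.'
}
else {
    $raw = $settings.GetAttribute('smsServiceProviderDll')
    if ([string]::IsNullOrEmpty($raw)) {
        $problems += 'smsServiceProviderDll attribute is missing or empty.'
    }
    else {
        # 3. The sample path uses %ProgramFiles%, so expand variables before testing.
        $dll = [Environment]::ExpandEnvironmentVariables($raw)
        if (-not (Test-Path -LiteralPath $dll -PathType Leaf)) {
            $problems += "SMS provider DLL not found: $dll"
        }
        else {
            # List the DLLs beside the provider so its dependencies can be confirmed.
            Get-ChildItem -LiteralPath (Split-Path -Parent $dll) -Filter *.dll |
                Select-Object Name, LastWriteTime
        }
    }
}

if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
    exit 1
}
Write-Output 'web.config has the lithnetUserVerification section and the provider DLL exists.'
```

The script only reads the file. Environment variables are expanded in the context of the account running the script, which can differ from the application pool identity.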
<my:Control my:Name="SmsLink" my:TypeName="UocHyperLink" my:Caption="Verify user" my:Description="" my:RightsLevel="{Binding Source=rights, Path=msidmOneTimePasswordMobilePhone}">
<my:Properties>
<my:Property my:Name="Text" my:Value="Verify this user using an SMS token"/>
<my:Property my:Name="NavigateUrl" my:Value="~/_layouts/user-verification/Verify.aspx?id=%Attribute_ObjectID%"/>
</my:Properties>
</my:Control>
Only users who can read the msidmOneTimePasswordMobilePhone attribute can use the tool. Create the sets and MPRs to allow the appropriate users to access the tool.
When visiting the User Edit/View page, you should now have a link to the user verification module, provided the user has permission to read the msidmOneTimePasswordMobilePhone attribute.
The Configuration file reference provides details on how you can modify settings such as the length of the SMS code, the attributes that are displayed in the user interface, and optionally restrict access to a particular set of users.
Update-SPSolution -Identity user-verification.wsp -LiteralPath "D:\temp\user-verification.wsp" -GACDeployment -FullTrustBinDeployment
iisreset
stsadm -o upgradesolution -name user-verification.wsp -filename "d:\temp\user-verification.wsp" -immediate -allowgacdeployment