If you have ADFS you know what happens when it stops working :P, I think the best way to check it is trying to authenticate to it.

So I wrote a little function that will do that.

Usage: (this test user does not need any special permissions)

if(checkADFS -fqdn "adfs.organization.com" -user "testUser@organization.com" -pass "P@$$W0RD") { "AFDS is working" } else { "ADFS is NOT working" }

If it is not working… you can do what ever you want, some examples are write event to event viewer that your monitoring application will pickup or restart a service or even the server.

The function:

function checkADFS() { param( [string]$fqdn, [string]$user, [string]$pass ) $url = "https://$fqdn/adfs/ls/IdpInitiatedSignon.aspx" $ie = New-Object -comobject InternetExplorer.Application $ie.visible = $false $ie.silent = $true $ie.Navigate($url) while($ie.busy){Start-Sleep 1} $secLink = $ie.Document.getElementById('idp_SignInButton') $secLink.click() while($ie.busy){Start-Sleep 1} $ie.Document.getElementById("userNameInput").value = $user $ie.Document.getElementById("passwordInput").value = $pass $loginBtn = $ie.Document.getElementById('submitButton') $loginBtn.click() while( $ie.busy){Start-Sleep 1} $status = $ie.Document.getElementById('idp_SignInThisSiteStatusLabel') if($status -ne $null -and $status.textContent.Contains("You are signed in")) { $answer = $true $signOutBtn = $ie.Document.getElementById('idp_SignOutButton') $signOutBtn.click() } else { $answer = $false } while($ie.busy){Start-Sleep 1} $ie.Quit() return $answer }

* This does not work with IE 11 for some reason I am still checking for a solution to that.

Share this: Twitter

Facebook

Like this: Like Loading... Related

Tagged: ADFS, New-Object