A question about "This relying party publishes the following claim types as accepted claim types in federation metadata"

  • Question

  • Hello,

    I am learning AD FS (can anyone point me to a good book?). I understand what AD FS is, what it is used for and why, etc., so I understand the theory, but it is the practical/practice I now need to learn well, so I have set up an AD FS lab (using Server 2016).

    My first question, please: in AD FS Manager under Relying Party > Relying Party Trust > claims-aware application properties (I downloaded a claims-aware test app, but have not got it working at the moment) there is a tab entitled

    "This relying party publishes the following claim types as accepted claim types in federation metadata"

    Under here there are no entries, i.e. it is blank. If this area is blank, does this mean it will accept 'all' claim types, e.g. nothing is being filtered out? Alternatively, should at least one item exist in this list?

    Thanks All,

    CAshstones

    Sunday, March 11, 2018 10:29 AM

All replies

  • No - it means that you have to add claims rules as appropriate e.g. add LDAP rules to pass given name, surname, UPN and email address as claims.

    https://social.technet.microsoft.com/wiki/contents/articles/4792.understanding-claim-rule-language-in-ad-fs-2-0-higher.aspx

    Monday, March 12, 2018 7:31 PM
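
The LDAP rule mentioned in the reply above, written out in claim rule language and applied with the AD FS PowerShell module. This is an added example, not part of the original thread; the trust name `Claims Test App` is a placeholder, and the rule is the form the "Send LDAP Attributes as Claims" template produces for the four attributes the reply lists.

```powershell
# Added example, not from the thread. Run on the AD FS server in an elevated session.
# Placeholder: display name of the relying party trust as shown in AD FS Manager.
$rpName = 'Claims Test App'

# For a user authenticated against Active Directory, look up givenName, sn,
# userPrincipalName and mail, and issue each as the matching claim type.
# Only the attributes listed here reach the application, so list no more
# than the application actually needs.
$rules = @'
@RuleName = "Send LDAP attributes as claims"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory",
          types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
                   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname",
                   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn",
                   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"),
          query = ";givenName,sn,userPrincipalName,mail;{0}",
          param = c.Value);
'@

# Note: this replaces the trust's whole issuance transform rule set.
Set-AdfsRelyingPartyTrust -TargetName $rpName -IssuanceTransformRules $rules

# Check the result: the rules now attached to the trust, alongside the
# accepted claim types the trust carries from federation metadata.
Get-AdfsRelyingPartyTrust -Name $rpName |
    Format-List Name, ClaimsAccepted, IssuanceTransformRules
```
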
  • Thanks very much for the reply

    I will take a look at the link you posted

    CAshtones


    Thursday, March 15, 2018 7:24 AM