Prevent/allow some users in the same AD DS domain from authenticating against a Relying Party RRS feed

  • Question

  • I have AD FS 3.0 infrastructure but looking for a way to allow only some few users to authenticate against a relying party trust. am opened to using an attribute or group or whatever makes sense.

    Any ideas?

    Alert from TechNet Posting

    Tuesday, February 16, 2016 2:18 PM


  • You can create an Issuance Authentication rule on you relying party trust. By default it is permitting all users, but you can remove that default rule and replace it by something more selective:

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, February 16, 2016 2:23 PM