Export (0) Print
Expand All

Configuring Claim Rules

Published: February 24, 2012

Updated: February 24, 2012

Applies To: Windows Server 2012



To configure claim rules in your organization, complete each of the tasks in Checklist: Creating Claim Rules for a Claims Provider Trust or Checklist: Creating Claim Rules for a Relying Party Trust, depending on the federation role that your organization will play.

noteNote
When you use either of these checklists, we recommend that you first read the references to understanding claims issuance and claim rules concepts in the AD FS Design Guide in Windows Server 2012 before you begin the procedures for configuring claim rules. Following the checklist in this way provides a better understanding of the design and deployment process claim rules.

In a claims-based identity model, the function of Active Directory Federation Services (AD FS) as a federation service is to issue a token that contains a set of claims. The decision regarding what claims AD FS issues is governed by claim rules. Claim rules (and all server configuration dat) are stored in the AD FS configuration database.

AD FS makes issuance decisions based on identity information that is provided to it in the form of claims and other contextual information. At a high level, AD FSoperates as a rules processor by taking one set of claims as input, performing a number of transformations, and then returning a different set of claims as output.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft