Complete the Add Applications Wizard

  • Article

Applies To: Windows Server 2003 R2

You can use the Add Application Wizard to add either a claims-aware application or a Windows NT token–based application to the Federation Service trust policy.

Add a claims-aware application

You can use the following procedure to add a claims-aware application to the Federation Service trust policy.

To add a claims-aware application

  1. Click Start, point to Administrative Tools, and then click Active Directory Federation Services.

  2. In the console tree, double-click Federation Service, Trust Policy, and My Organization.

  3. Right-click Applications, point to New, and then click Application.

  4. On the Welcome to the Add Application Wizard page, click Next.

  5. On the Application Type page, click Claims-aware application, and then click Next.

  6. On the Application Details page, do the following, and then click Next:

    • In Application display name, type the name of the application.

    • In Application URL, type the Uniform Resource Locator (URL) of the application.

    Important

    This URL must match the return URL that is configured on the ADFS Web Agent for this application.

  7. On the Accepted Identity Claims page, select each identity claim type that the application will use to make authorization decisions, and then click Next:

    • If the application requires user principal name (UPN) identity claims to make authorization decisions, select the User principal name (UPN) check box.

    • If the application requires e-mail identity claims to make authorization decisions, select the E-mail check box.

    • If the application requires common name identity claims to make authorization decisions, select the Common name check box.

  8. If you do not want to enable the claims-aware application now, on the Enable this Application page, clear the Enable this application check box, and then click Next.

  9. To add the new claims-aware application and close the wizard, click Finish.

Add a Windows NT token–based application

You can use the following procedure to add a Windows NT token–based application to the Federation Service trust policy.

To add a Windows NT token–based application

  1. Click Start, point to Administrative Tools, and then click Active Directory Federation Services.

  2. In the console tree, double-click Federation Service, Trust Policy, and My Organization.

  3. Right-click Applications, point to New, and then click Application.

  4. On the Welcome to the Add Application Wizard page, click Next.

  5. On the Application Type page, click Windows NT token–based application, and then click Next.

  6. On the Application Details page, do the following, and then click Next:

    • In Application display name, type the name of the application.

    • In Application URL, type the Uniform Resource Locator (URL) of the application.

    Important

    This URL must match the return URL that is configured on the ADFS Web Agent for this application.

  7. On the Accepted Identity Claim page, select each identity claim type that the application will use to make authorization decisions, and then click Next:

    • If the application requires user principal name (UPN) identity claims to make authorization decisions, click User principal name (UPN).

    • If the application requires e-mail identity claims to make authorization decisions, click E-mail.

  8. If you do not want to enable the Windows NT token–based application now, on the Enable this Application page, clear the Enable this application check box, and then click Next.

  9. To add the new Windows NT token–based application and close the wizard, click Finish.