Export (0) Print
Expand All

Mapping Claims as Part of Application Authorization

Updated: September 13, 2007

Applies To: Windows Server 2003 R2

Claims that are used by Active Directory Federation Services (ADFS) make it possible for an application in one organization to recognize and authorize users from a different organization or from the Internet. By creating claims to represent users in the account organization, and mapping them to a group that is recognized by the resource, you can enable authorization of users for applications that are protected by ADFS in a federated scenario.

Task requirements

You must meet the following conditions to perform the procedures for this task:

  • ADFS must be installed to create at least one federation server in your forest or realm.

  • The Active Directory Federation Services snap-in must be running on the federation server.

  • Active Directory or Active Directory Application Mode (ADAM) must be available in the account forest or realm.

  • You must have a plan for creating claims and mapping them to the appropriate users and groups if you are managing an account Federation Service, or to a set of local claims if you are managing a resource Federation Service.

To complete this task, perform the following procedures on an as-needed basis:

See Also

Other Resources

Understanding Claims

Community Additions

© 2016 Microsoft