Create an outgoing group or custom claim mapping

  • Article

Applies To: Windows Server 2003 R2

In Active Directory Federation Services (ADFS), an organization claim (group or custom) in the account Federation Service must be mapped to an outgoing claim, which the resource Federation Service will receive when an account organization user is requesting access to a resource. On the resource federation server, this claim is received as an incoming claim, which is likewise configured to map to a local organization claim, which the resource Federation Service uses to make authorization decisions.

Perform this procedure on an account federation server. To perform this procedure, you must have created an organization group or custom claim to which you can map the outgoing claim.

Administrative credentials

To complete this procedure, you must be a member of the Administrators group on the local computer.

To create an outgoing group or custom claim mapping

  1. Click Start, point to Administrative Tools, and then click Active Directory Federation Services.

  2. Double-click Federation Service, double-click Trust Policy, double-click Partner Organizations, double-click Resource Partners, right-click the resource partner, point to New, and then click one of the following:

    If you are mapping a group claim, click Outgoing Group Claim Mapping, and then create the mapping as follows:

    1. In the Create a New Outgoing Group Claim Mapping dialog box, in Organization group claims, select the group claim in the account organization that you want to map to the outgoing claim.

    2. In Outgoing group claim name, type the name of the outgoing group claim that you want to send to the resource partner, and then click OK.

    If you are mapping a custom claim, click Outgoing Custom Claim Mapping, and then create the mapping as follows:

    1. In the Create a New Outgoing Custom Claim Mapping dialog box, in Organization custom claims, select the custom claim in the account organization that you want to map to the outgoing claim.

    2. In Outgoing custom claim name, type the name of the outgoing custom claim that you want to send to the resource partner, and then click OK.

See Also

Concepts

Create an organization group or custom claim
Change the organization claim mapping of an outgoing group or custom claim