Set-AdfsWebApplicationProxyRelyingPartyTrust
Set-AdfsWebApplicationProxyRelyingPartyTrust
Modifies properties of the relying party trust object for the Web Application Proxy.
Syntax
Parameter Set: Default
Set-AdfsWebApplicationProxyRelyingPartyTrust [-AdditionalAuthenticationRules <String> ] [-AdditionalAuthenticationRulesFile <String> ] [-AlwaysRequireAuthentication <Boolean> ] [-Identifier <String[]> ] [-IssuanceAuthorizationRules <String> ] [-IssuanceAuthorizationRulesFile <String> ] [-IssuanceTransformRules <String> ] [-IssuanceTransformRulesFile <String> ] [-Name <String> ] [-NotBeforeSkew <Int32> ] [-Notes <String> ] [-PassThru] [-TokenLifetime <Int32> ] [-Confirm] [-WhatIf] [ <CommonParameters>]
Detailed Description
The Set-AdfsWebApplicationProxyRelyingPartyTrust cmdlet modifies properties of the relying party trust object for Web Application Proxy. You can modify authentication and authorization policies that control all external access through the proxy.
Parameters
-AdditionalAuthenticationRules<String>
Specifies rules for additional authentication on the proxy. For more information about the claim language for rules, see Understanding Claim Rule Language in AD FS 2.0 & Higher (https://social.technet.microsoft.com/wiki/contents/articles/4792.understanding-claim-rule-language-in-ad-fs-2-0-higher.aspx) on TechNet.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-AdditionalAuthenticationRulesFile<String>
Specifies a file that contains rules for additional authentication for this relying party.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-AlwaysRequireAuthentication<Boolean>
Indicates whether access requires authentication, even if this relying party has previously authenticated credentials for access. Specify a value of $True to require users to always supply credentials to access sensitive resources.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Identifier<String[]>
Specifies an array of unique identifiers. The proxy uses the identifiers that you specify to specify its corresponding relying party trust when it initiates sign-in requests to obtain tokens for itself. No other trust can use an identifier from this list. As common practice, you can use Uniform Resource Identifiers (URIs) as unique identifiers for a relying party trust, or you can use any string.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-IssuanceAuthorizationRules<String>
Specifies the issuance authorization rules for issuing claims to this relying party. Issuance authorization rules control access to applications that are enabled for pre-authentication through Active Directory Federation Services (AD FS), and then accessed through the proxy. By default, all authenticated users can access applications.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
True (ByPropertyName) |
Accept Wildcard Characters? |
false |
-IssuanceAuthorizationRulesFile<String>
Specifies a file that contains the issuance authorization rules for issuing claims to this relying party.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-IssuanceTransformRules<String>
Specifies the issuance transform rules for issuing claims to this relying party. You should not, typically, modify the value of this setting.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
True (ByPropertyName) |
Accept Wildcard Characters? |
false |
-IssuanceTransformRulesFile<String>
Specifies a file that contains the issuance transform rules for issuing claims to this relying party.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Name<String>
Specifies a name. The cmdlet modifies the Web Application Proxy relying party trust that has the friendly name that you specify.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-NotBeforeSkew<Int32>
Specifies the skew, as an integer, for the time stamp that marks the beginning of the validity period. The higher this number is, the farther back in time the validity period begins with respect to the time that the claims are issued for the relying party. By default, this value is 0. Specify a positive value if validation fails on the Web Application Proxy relying party because the validity period has not yet begun.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Notes<String>
Specifies notes. The cmdlet stores the notes that you specify for the Web Application Proxy relying party trust.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-PassThru
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-TokenLifetime<Int32>
Specifies the duration, in minutes, for which the claims that are issued to the relying party are valid.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Confirm
Prompts you for confirmation before running the cmdlet.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
<CommonParameters>
This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).
Inputs
The input type is the type of the objects that you can pipe to the cmdlet.
Outputs
The output type is the type of the objects that the cmdlet emits.
Examples
Example 1: Specify authorization rules by using a file
This command specifies authorization rules for the Web Application Proxy relying party trust, based on a file that contains the rules.
PS C:\> Set-AdfsWebApplicationProxyRelyingPartyTrust -IssuanceAuthorizationRulesFile "C:\Rules\RulesFile07"
Related topics
Add-AdfsWebApplicationProxyRelyingPartyTrust
Disable-AdfsWebApplicationProxyRelyingPartyTrust
Enable-AdfsWebApplicationProxyRelyingPartyTrust