Table of contents
TOC
Collapse the table of content
Expand the table of content

Checklist: Creating Claim Rules for a Claims Provider Trust

Bill Mathers|Last Updated: 2/10/2017
|
2 Contributors

Applies To: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

This checklist includes tasks for planning, designing, and deploying claim rules that are associated with a claims provider trust in Active Directory Federation Services (AD FS).

Note

Complete the tasks in this checklist in order. When a reference link takes you to a procedure, return to this topic after you complete the steps in that procedure so that you can proceed with the remaining tasks in this checklist.

creating claim rulesChecklist: Creating a claim rule set for a claims provider trust

TaskReference
creating claim rulesReview concepts about claims, claim rules, claim rule sets, and claim rule templates and how they are associated with federated trusts.creating claim rulesThe Role of Claims

creating claim rulesThe Role of Claim Rules
creating claim rulesReview concepts about how a claim flows through all the stages in the claims issuance pipeline and how rules are processed by the claims issuance engine.creating claim rulesThe Role of the Claims Pipeline

creating claim rulesThe Role of the Claims Engine
creating claim rulesTo effectively plan and implement the output claims that will be issued over this claims provider trust, determine whether one or more claim rules are needed and which claim rules you should use with this claims provider trust.creating claim rulesDetermine the Type of Claim Rule Template to Use
creating claim rulesReview concepts about when to create one claim rule over another and how you can use the claim rule language to provide more complex logic than standard rules in order to provide a desired result in the ideal output claim set.creating claim rulesWhen to Use a Pass Through or Filter Claim Rule

creating claim rulesWhen to Use a Transform Claim Rule

creating claim rulesWhen to Use a Send LDAP Attributes as Claims Rule

creating claim rulesWhen to Use a Send Group Membership as a Claim Rule

creating claim rulesWhen to Use a Custom Claim Rule

creating claim rulesThe Role of the Claim Rule Language
creating claim rulesA claim description must be created if one does not already exist that will fulfill the needs of your organization. AD FS ships with a default set of claim descriptions that are exposed in the AD FS Management snap-in.creating claim rulesAdd a Claim Description
creating claim rulesDepending on the needs of your organization, create one or more claim rules for the acceptance transform rules set that is associated with this claims provider trust so that claims will be issued appropriately.creating claim rulesCreate a Rule to Pass Through or Filter an Incoming Claim

creating claim rulesCreate a Rule to Send LDAP Attributes as Claims

creating claim rulesCreate a Rule to Send Group Membership as a Claim

creating claim rulesCreate a Rule to Transform an Incoming Claim

creating claim rulesCreate a Rule to Send an Authentication Method Claim

creating claim rulesCreate a Rule to Send an AD FS 1.x Compatible Claim

creating claim rulesCreate a Rule to Send Claims Using a Custom Rule
© 2017 Microsoft