Claim rules for the Security Center relying party trust specify which claims Security Center requires.
Before you begin
- The AD FS Management window must be open on your ADFS server.
- A relying party trust for Security Center must be added to the ADFS server.
- This task is part of the deployment process for third-party authentication using ADFS based on a sample scenario. The instructions and screen captures are based on Windows Server 2016. If you are using a different version, your procedure might be different.
In the AD FS window, click Relying Party Trusts, select the relying party that corresponds to your Security Center system, and click Edit Claim Issuance Policy in the Actions pane.
The Edit Claim Issuance Policy window opens.
If no claim rule exists for UPN, add one.
- Click Add Rule.
- In the Claim rule template drop-down list, select Pass Through or Filter an Incoming Claim, and click Next.
Configure the rule and click Finish.
- Claim rule name: Enter a name that helps you remember the rule.
- Incoming claim type: Select UPN.
- Pass through all claim values: Select this option.
If no claim rule exists for Group, add one.
Follow the instructions for the UPN claim rule, but change UPN to Group.
- Click .
Map remote ADFS groups to user groups in Security Center.
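To confirm the result of the steps above without clicking through the wizard, the following PowerShell check reports whether a relying party trust carries pass-through rules for UPN and Group. It is an added example, not part of the original procedure or of Security Center; the trust name `Security Center`, the function name `Test-PassThroughRules`, and the sample rule text are assumptions, and the regex assumes rules in the form the Pass Through template generates.

```powershell
# Added example (not vendor code). Standard AD FS claim type URIs for UPN and Group.
$RequiredClaims = [ordered]@{
    UPN   = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn'
    Group = 'http://schemas.xmlsoap.org/claims/Group'
}

function Test-PassThroughRules {
    # Hypothetical helper: returns one boolean per required claim.
    param([Parameter(Mandatory)][AllowEmptyString()][string]$RuleText)
    $result = [ordered]@{}
    foreach ($name in $RequiredClaims.Keys) {
        $uri = [regex]::Escape($RequiredClaims[$name])
        # Matches a pass-through rule: c:[Type == "<uri>"] => issue(claim = c);
        # A rule that adds a Value condition (filtering) will not match.
        $pattern = '(\w+):\[\s*Type\s*==\s*"' + $uri +
                   '"\s*\]\s*=>\s*issue\(\s*claim\s*=\s*\1\s*\)\s*;'
        $result[$name] = [regex]::IsMatch($RuleText, $pattern)
    }
    [pscustomobject]$result
}

# Constructed sample: a policy where only the UPN rule was added.
$sample = @'
@RuleTemplate = "PassThroughClaims"
@RuleName = "UPN pass-through"
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"]
 => issue(claim = c);
'@
Test-PassThroughRules -RuleText $sample   # UPN = True, Group = False

# On the AD FS server, check the real trust (name is an assumption; use yours).
$TrustName = 'Security Center'
if (Get-Command Get-AdfsRelyingPartyTrust -ErrorAction SilentlyContinue) {
    $trust = Get-AdfsRelyingPartyTrust -Name $TrustName
    if ($trust) {
        Test-PassThroughRules -RuleText ([string]$trust.IssuanceTransformRules)
    } else {
        Write-Warning "No relying party trust named '$TrustName' was found."
    }
}
```

A `False` for either claim means the corresponding rule is missing or is not a plain pass-through, and the matching step above should be repeated.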