question

LukeLim95131 avatar image
0 Votes"
LukeLim95131 asked piaudonn answered

AD FS Access Control Policies

I just updated my AD FS farm behavior level to 2016. I noticed there is a new Access Control Policies now in the AD FS console.

I noticed there is Access Control Policies in the root folder of AD FS console. In each of the relying party trust, I can also choose or customize the access control policies.

Just to check my understanding.

The Access Control Policies is only to create the various access control policy templates that I want right? It is not to set the overall access control for all the relying party trust right?

And each of the relying party trust, I can choose which access control policy templates if I require different access control logic for the relying applications.

Is my understanding correct?

adfs
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

piaudonn avatar image
0 Votes"
piaudonn answered

Correct. You can pick a different policy by relying party. You can also use the legacy mode (the Issuance Authorization Rules) by setting the Access Policy to $null with PowerShell.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.