I just updated my AD FS farm behavior level to 2016. I noticed there is a new Access Control Policies now in the AD FS console.
I noticed there is Access Control Policies in the root folder of AD FS console. In each of the relying party trust, I can also choose or customize the access control policies.
Just to check my understanding.
The Access Control Policies is only to create the various access control policy templates that I want right? It is not to set the overall access control for all the relying party trust right?
And each of the relying party trust, I can choose which access control policy templates if I require different access control logic for the relying applications.
Is my understanding correct?