檢查清單︰ 設定 AD FS 傳送給 AD FS 1.x 同盟服務宣告Checklist: Configuring AD FS to Send Claims to an AD FS 1.x Federation Service

適用於:Windows Server 2016、Windows Server 2012 R2、Windows Server 2012Applies To: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

檢查清單︰ 設定宣告 AD FS 來傳送給 AD FS 1.x 同盟服務Checklist: Configuring AD FS to send claims to an AD FS 1.x Federation Service

此檢查清單會包含所需的設定您的 Active Directory 同盟服務 (AD FS) 同盟服務,傳送宣告可以 AD FS 1 來了解 Windows Server 2012 中的工作。x同盟服務。This checklist includes the tasks that are necessary for configuring your Active Directory Federation Services (AD FS) Federation Service in Windows Server 2012 to send claims that can be understood by an AD FS 1.x Federation Service.

注意

完成此訂單中的檢查清單中的工作。Complete the tasks in this checklist in order. 當參考連結可讓您的程序時,返回本主題之後在您完成該程序中的步驟操作,以便您可以繼續檢查清單中的其餘的工作。When a reference link takes you to a procedure, return to this topic after you complete the steps in that procedure so that you can proceed with the remaining tasks in this checklist.

<span data-ttu-id="36793-108">設定宣告傳送給 AD FS](media/2b05dce3-938f-4168-9b8f-1f4398cbdb9b.gif)**檢查清單︰ 設定宣告 AD FS 來傳送給 AD FS 1.x 同盟服務**</span><span class="sxs-lookup"><span data-stu-id="36793-108">configure AD FS to send claimsChecklist: Configuring AD FS to send claims to an AD FS 1.x Federation Service

工作Task 參考資料Reference
設定宣告傳送給 AD FS 跨平台與 Windows Server 2012 中的 AD FS 舊版 AD FS 計劃以及了解更多有關名稱 ID 宣告類型。Plan for interoperability between AD FS in Windows Server 2012 and previous versions of AD FS and learn more about the Name ID claim type. <span data-ttu-id="36793-113">設定宣告傳送給 AD FS規劃 AD FS 使用的跨平台 1.x](https://technet.microsoft.com/library/ff678040.aspx)configure AD FS to send claimsPlanning for Interoperability with AD FS 1.x
設定宣告傳送給 AD FS 您也可以得到與舊版 AD FS 交互操作之前,您必須先建立信賴廠商信任 AD FS 1 AD FS 同盟服務中。x同盟服務。Before you can achieve interoperability with a previous version of AD FS, you must first create a relying party trust in the AD FS Federation Service to the AD FS 1.x Federation Service. 注意:您無法使用 AD FS 1 中建立信任關係。x使用聯盟中繼資料同盟服務。Note: You cannot create a trust with an AD FS 1.x Federation Service by using federation metadata.

當您設定程序使用中的直接連結信任時,您必須完成以下新增可以廠商信任精靈中交互操作 AD FS 1 信任此設定。x同盟服務:When you set up the trust using the procedure in the link to the right, you must do the following in the Add Relying Party Trust Wizard to set up this trust to interoperate with an AD FS 1.x Federation Service:

1.在選取資料來源頁面上,選取 [輸入資料可以手動廠商信任1. On the Select Data Source page, select Enter data about the relying party trust manually.
2.在選擇設定檔頁面上,選取的設定檔 AD FS 1.0 和 1.12. On the Choose Profile page, select AD FS 1.0 and 1.1 profile.
3.在設定的 URL頁面上,在WS-聯盟被動式 URL,輸入同盟服務端點 URL AD FS 1 中所定義。x的合作夥伴同盟服務。3. On the Configure URL page, under WS-Federation Passive URL, type the Federation Service endpoint URL as defined in the AD FS 1.x Federation Service of the partner.
4.在設定識別碼頁面上,在Relying 部分信任識別碼,輸入同盟服務 URI AD FS 1 中所定義。x的合作夥伴同盟服務。4. On the Configure Identifiers page, under Relying part trust identifier, type the Federation Service URI as defined in the AD FS 1.x Federation Service of the partner.
<span data-ttu-id="36793-122">設定宣告傳送給 AD FS可以廠商信任手動建立](../../ad-fs/operations/Create-a-Relying-Party-Trust.md)configure AD FS to send claimsCreate a Relying Party Trust Manually
設定宣告傳送給 AD FS 在您先前建立的依賴廠商信任,您必須建立理賠要求將需要連入宣告擷取自屬性存放區與通過、篩選或轉換成名稱 ID 規則宣告類型,可以了解,並由 AD FS 1。x同盟服務。On the relying party trust that you created earlier, you must create claim rules that will take incoming claims that were extracted from an attribute store and pass through, filter, or transform them into a Name ID claim type that can be understood and consumed by the AD FS 1.x Federation Service. 注意:您建立本規則之前,請確定您建立此規則宣告規則集合有第一次從屬性存放區擷取輕量型 Directory 存取通訊協定 (LDAP) 屬性理賠要求前出現的規則。Note: Before you create this rule, make sure that the claim rule set where you are creating this rule has a rule that comes before it that first extracts a Lightweight Directory Access Protocol (LDAP) attribute claim from an attribute store. 做為您建立傳送給 AD FS 1 規則輸入,將會使用此理賠要求。x-compatible 理賠要求。This claim will be used as input to the rule that you create to send an AD FS 1.x-compatible claim. 如需如何建立規則解壓縮 LDAP 屬性,請查看建立規則為宣告傳送 LDAP 屬性,For more information about how to create a rule to extract an LDAP attribute, see Create a Rule to Send LDAP Attributes as Claims. <span data-ttu-id="36793-128">設定宣告傳送給 AD FS建立傳送給 AD FS 規則 1.x 相容宣告](../../ad-fs/operations/Create-a-Rule-to-Send-an-AD-FS-1x-Compatible-Claim.md)configure AD FS to send claimsCreate a Rule to Send an AD FS 1.x Compatible Claim
設定宣告傳送給 AD FS 請連絡 1 AD FS 管理員。x同盟服務和 AD FS 1 您的系統管理員。x同盟服務設定新 account 信任合作夥伴。Contact the administrator of the AD FS 1.x Federation Service and have the administrator of the AD FS 1.x Federation Service set up a new account partner trust. 同時,提供同盟服務 URI 的系統管理員 \(以同盟服務 properties),WS-聯盟被動式端點 URL \(同盟服務端點 URL\),及匯出 token\ 簽署憑證檔案 \(的公用按鍵 only)。Also, provide that administrator with the Federation Service URI (in the Federation Service properties), the WS-Federation Passive endpoint URL (the Federation Service endpoint URL), and an exported token-signing certificate file (with public key only). 該系統管理員必須設定信任的這些項目。That administrator will need these items to set up the trust. A N\ 日N/A