建立允許所有使用者規則Create a Rule to Permit All Users

適用於:Windows Server 2016、Windows Server 2012 R2Applies To: Windows Server 2016, Windows Server 2012 R2

在 Windows Server 2016,您可以使用存取控制原則來建立可讓所有的使用者存取信賴規則。In Windows Server 2016, you can use an Access Control Policy to create a rule that will give all users access to a relying party. 在 Windows Server 2012 R2,使用允許所有使用者在 Active Directory 同盟服務 (AD FS) 規則範本,您可以建立的可讓所有的使用者存取信賴授權規則。In Windows Server 2012 R2, using the Permit All Users rule template in Active Directory Federation Services (AD FS), you can create an authorization rule that will give all users access to the relying party.

您可以使用其他授權規則進一步的限制存取。You can use additional authorization rules to further restrict access. 使用者可以存取信賴從同盟服務可能仍然無法服務信賴。Users who are permitted to access the relying party from the Federation Service may still be denied service by the relying party.

您可以使用下列程序,以建立 AD FS 管理 snap\ 中理賠要求規則。You can use the following procedures to create a claim rule with the AD FS Management snap-in.

資格在系統管理員,或相當於、在本機電腦上的最低需求完成此程序。Membership in Administrators, or equivalent, on the local computer is the minimum required to complete this procedure. 檢視詳細資料使用適當的帳號,並群組成員資格,本機和網域預設群組Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups.

建立允許所有使用者在 Windows Server 2016 規則To create a rule to permit all users in Windows Server 2016

  1. 在伺服器管理員中,按一下工具,然後選取 [ AD FS 管理In Server Manager, click Tools, and then select AD FS Management.

  2. 主控台中在AD FS,按一下 [做為基礎的派對信任In the console tree, under AD FS, click Relying Party Trusts. 建立規則

  3. 以滑鼠右鍵按一下可以方信任您想要允許存取,然後選取 [編輯存取控制項原則Right-click the Relying Party Trust that you want to permit access to and select Edit Access Control Policy.
    建立規則

  4. 存取控制原則選取讓每個人都,然後按一下 [套用][確定]On the Access control policy select Permit everyone and then click Apply and Ok. 建立規則

建立允許所有使用者在 Windows Server 2012 R2 規則To create a rule to permit all users in Windows Server 2012 R2

  1. 在伺服器管理員中,按一下工具,然後選取 [ AD FS 管理In Server Manager, click Tools, and then select AD FS Management.

  2. 在主控台在AD FS\Trust Relationships\Relying 廠商信任,按一下您想要用來建立此規則清單中的特定信任。In the console tree, under AD FS\Trust Relationships\Relying Party Trusts, click a specific trust in the list where you want to create this rule.

  3. Right\ 按一下信任選取,然後再按一下編輯理賠要求規則Right-click the selected trust, and then click Edit Claim Rules.
    建立規則

  4. 編輯理賠要求規則對話方塊中,按一下 [發行授權規則索引標籤或委派授權規則] 索引標籤 \(根據授權規則類型您 require\),,然後按一下新增規則到 [開始]新增授權理賠要求規則精靈In the Edit Claim Rules dialog box, click the Issuance Authorization Rules tab or the Delegation Authorization Rules tab (based on the type of authorization rule you require), and then click Add Rule to start the Add Authorization Claim Rule Wizard.
    建立規則

  5. 選取 [規則範本頁面上,在理賠要求規則範本、選取允許所有使用者從清單中,然後按一下下一步On the Select Rule Template page, under Claim rule template, select Permit All Users from the list, and then click Next.
    建立規則
  6. 設定規則頁面上,按完成]On the Configure Rule page, click Finish.

  7. 編輯理賠要求規則對話方塊中,按[確定]來儲存規則。In the Edit Claim Rules dialog box, click OK to save the rule.

其他參考資料Additional references

設定理賠要求規則Configure Claim Rules

檢查清單︰ 建立信賴的派對信任理賠要求規則Checklist: Creating Claim Rules for a Relying Party Trust

使用授權理賠要求規則When to Use an Authorization Claim Rule

宣告的角色The Role of Claims

宣告規則的角色The Role of Claim Rules