You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The AdfsRelyingPartyTrust resource needs to support Access Control Policies.
New resource properties required:
Property Name
Type
Description
AccessControlPolicyName
String
Specifies the name of the Access Control Policy to apply to the relying party trust.
AccessControlPolicyParameters
MSFT_AdfsAccess ControlPolicyParameters
Specifies the parameters and their values to pass to the Access Control Policy.
The MSFT_AdfsAccessControlPolicyParameters class would contain the following properties:
Parameter
Type
ValueMap
Description
GroupParameter
String Array
Specifies the group parameter
This is enough to provide support for the built-in Access Control Policies and the ability to later add support for custom Access Control Policies.
Here are details of the built-in Access Control Policies and what parameters they take:
AccessControlPolicyName AccessControlPolicyParameters
----------------------- -----------------------------
Permit everyone
Permit everyone and require MFA
Permit everyone and require MFA for specific group {GroupParameter}
Permit everyone and require MFA from extranet access
Permit everyone and require MFA from unauthenticated devices
Permit everyone and require MFA, allow automatic device registration
Permit everyone for intranet access
Permit specific group {GroupParameter}
The
AdfsRelyingPartyTrust
resource needs to support Access Control Policies.New resource properties required:
The
MSFT_AdfsAccessControlPolicyParameters
class would contain the following properties:This is enough to provide support for the built-in Access Control Policies and the ability to later add support for custom Access Control Policies.
Here are details of the built-in Access Control Policies and what parameters they take:
Example AccessControlPolicyParameters property:
The text was updated successfully, but these errors were encountered: