編集

次の方法で共有

Add-AdfsWebApplicationProxyRelyingPartyTrust

Module:
ADFS Module

Adds a relying party trust for the Web Application Proxy.

Syntax

Default (Default) 

Add-AdfsWebApplicationProxyRelyingPartyTrust
    [-Name] <String>
    [-Identifier] <String[]>
    [-AlwaysRequireAuthentication]
    [-Enabled <Boolean>]
    [-AccessControlPolicyName <String>]
    [-AccessControlPolicyParameters <Object>]
    [-AdditionalAuthenticationRules <String>]
    [-AdditionalAuthenticationRulesFile <String>]
    [-NotBeforeSkew <Int32>]
    [-Notes <String>]
    [-PassThru]
    [-TokenLifetime <Int32>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Description

The Add-AdfsWebApplicationProxyRelyingPartyTrust cmdlet adds a relying party trust for Web Application Proxy. Authentication and authorization policies for access to internal web applications through the proxy require Web Application Proxy relying party trust. By default, when you deploy Web Application Proxy, a relying party trust exists.

The Web Application Proxy relying party trust is useful to manage global network access from outside the corporate network. By setting authentication and authorization policies, an administrator can restrict access to internal web applications and services that are published through the Web Application Proxy.

Examples

Example 1: Add a relying party trust

PS C:\> Add-AdfsWebApplicationProxyRelyingPartyTrust

This command adds the Web Application Proxy relying party trust. When you first deploy the Web Application Proxy role service, the trust exists by default. Use this example only if you deleted the Web Application Proxy relying party trust.

Parameters

-AccessControlPolicyName

Specifies the name of the access control policy.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:True
Value from remaining arguments:False

-AccessControlPolicyParameters

Specifies the parameters of the access control policy.

Parameter properties

Type:Object
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:True
Value from remaining arguments:False

-AdditionalAuthenticationRules

Specifies rules for additional authentication on the proxy. For more information about the claims language for rules, see Understanding Claim Rule Language in AD FS 2.0 & Higher on TechNet.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-AdditionalAuthenticationRulesFile

Specifies a file that contains rules for additional authentication for this relying party.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-AlwaysRequireAuthentication

Indicates that the proxy requires authentication for access, even if the proxy has previously authenticated credentials for access. Specify this parameter to require users to always supply credentials to access sensitive resources.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Parameter properties

Type:SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False
Aliases:cf

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Enabled

Indicates whether to enable this relying party trust. Specify a value of $True for this parameter to allow authentication and authorization to the proxy.

Parameter properties

Type:Boolean
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Identifier

Specifies an array of unique identifiers. The proxy uses the identifiers that you specify to specify its corresponding relying party trust when it initiates sign-in requests to obtain tokens for itself. No other trust can use an identifier from this list. As common practice, you can use Uniform Resource Identifiers (URIs) as unique identifiers for a relying party trust, or use any string.

Parameter properties

Type:

String[]

Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:1
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Name

Specifies a name. The cmdlet adds the Web Application Proxy relying party trust that has the friendly name that you specify.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:0
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-NotBeforeSkew

Specifies the skew, as an integer, for the time stamp that marks the beginning of the validity period. The higher this number is, the further back in time the validity period begins with respect to the time that the claims are issued for the relying party. By default, this value is 0. Specify a positive value if validation fails on the Web Application Proxy relying party because the validity period has not yet begun.

Parameter properties

Type:Int32
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Notes

Specifies notes. The cmdlet stores the notes that you specify for the Web Application Proxy relying party trust.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-PassThru

Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-TokenLifetime

Specifies the duration, in minutes, for which the claims that are issued to the relying party are valid.

Parameter properties

Type:Int32
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Parameter properties

Type:SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False
Aliases:wi

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.