Create an Organization Group Claim or Custom Claim

Applies To: Windows Server 2008

In Active Directory Federation Services (AD FS), an organization group claim is used by the Federation Service to represent a user's membership in a group or role. An organization custom claim is used by the Federation Service to provide custom information, such as an employee identification number, about a user. Group claims and custom claims are created in the same way. You can use the following procedure to create an organization group claim or a custom claim.

Administrators in the account Federation Service create organization group claims and custom claims to represent account users. Administrators in the resource Federation Service create corresponding organization group claims and custom claims to represent groups and users that can be recognized as resource users in the resource Federation Service. Because outgoing claims in the account Federation Service map to incoming claims in the resource Federation Service, the resource Federation Service is able to accept the credentials that are provided by the account Federation Service.

Membership in Administrators, or equivalent, on the local computer is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

To create an organization group or custom claim

  1. Click Start, point to Administrative Tools, and then click Active Directory Federation Services.

  2. Double-click Federation Service, double-click Trust Policy, double-click My Organization, right-click Organization Claims, point to New, and then click Organization Claim.

  3. In the Create a New Organization Claim dialog box, in Claim name, type a unique name that identifies the group or role for a group claim, or type the name of a custom claim.

Note

You can create a group claim and a custom claim with the same name.

  1. If you want to limit the auditing of the claim to the claim name and omit the value, select the Limit the auditing of this claim check box.

  2. For Specify the claim type, click Group claim or Custom claim, and then click OK.

Additional references

Create an Incoming Group Claim Mapping

Create an Incoming Custom Claim Mapping

Create an Outgoing Group Claim or Custom Claim Mapping