Reputation: 1
ADFS Claims Rules
I am trying to understand the difference between the following sets of ADFS claim rules in my environment. Any clarification would be greatly appreciated.
Issuance Authorization Rules: The following rules are under this rule set:
1) BlockMicrosoft.Exchange.RPC
2) Microsoft.Exchange.OfflineAddressBook
3) Microsoft.Exchange.WebServices
4) Block Microsoft SMTP
5) Block Microsoft Pop Imap
6) Block Microsoft Mapi
7) Block Microsoft NSPI
Question:
a) Based on my understanding, these rules are blocking the Outlook client from being accessed from the external network, is that accurate?
b) In addition to blocking the Outlook client, are these rules blocking any other service and/or defining anything else e.g. access to OWA, SharePoint, OneDrive, Outlook etc. via multifactor authentication?
c) How do I configure ADFS claim rules to enforce MFA for OWA, SharePoint, etc. if not already done by the above rules?
Thank you in advance for your time. Ash
Upvotes: 0
Views: 409
Answers (1)
Reputation: 781
Take a look at scenario #5 which explains how to target MFA for browser access @ https://blogs.msdn.microsoft.com/ramical/2014/01/30/under-the-hood-tour-on-multi-factor-authentication-in-adfs-part-1-policy/
Upvotes: 1
Related Questions
- Challenging when having multiple ADFS Claims Providers
- ADFS claims rules string concatenation possible?
- Outlook Add-In Fails to Authenticate Against ADFS Server
- ADFS Claims from multiple Claim Providers
- ADFS PowerShell Claims Rule Combination Sytax
- Claim rules reference previous claims in ADFS?
- ADFS Claims Rule Language
- How to programmatically request a web page from an application which uses ADFS
- WCF, Claims, ADFS 3.0
- ADFS 2012 R2 default Claims provider