I have two questions:
1. What is the best method to export and then re-import a relying party configuration? I wanted to create a test version of a production relying party trust on the same ADFS and needed to ensure I didn't miss anything. Is there a PowerShell command that will do this for me?
2. I attempted to manually recreate the original relying party trust by matching value for value but was unable to duplicate the attribute called "ImpersonationAuthorizationRules". Where is that set?
This is what I am missing in my manual process, and I was hoping that an export/import would solve my problem:
ImpersonationAuthorizationRules : c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid", Issuer =~ "^(AD AUTHORITY|SELF AUTHORITY|LOCAL AUTHORITY)$"]
    => issue(store = "_ProxyCredentialStore", types = ("http://schemas.microsoft.com/authorization/claims/permit"), query = "isProxySid({0})", param = c.Value);
    c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", Issuer =~ "^(AD AUTHORITY|SELF AUTHORITY|LOCAL AUTHORITY)$"]
    => issue(store = "_ProxyCredentialStore", types = ("http://schemas.microsoft.com/authorization/claims/permit"), query = "isProxySid({0})", param = c.Value);
    c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/proxytrustid", Issuer =~ "^SELF AUTHORITY$"]
    => issue(store = "_ProxyCredentialStore", types = ("http://schemas.microsoft.com/authorization/claims/permit"), query = "isProxyTrustProvisioned({0})", param = c.Value);
Your thoughts? Thanks