Creating a Relying Party Trust in AD FS
Complete the following steps to create a relying party trust for RD Gateway:
- In Server Manager, click Tools, and then select AD FS Management.
- In the AD FS snap-in, under AD FS\Trust Relationships, right-click Relying Party Trusts, and then click Add Relying Party Trust. The Add Relying Party Trust wizard is displayed.
- In the wizard, edit the following fields:
  - On the Welcome page, click Start.
  - On the Select Data Source page, click Enter data about the relying party manually, and then click Next.
  - On the Specify Display Name page, in the Display Name field, enter a display name. For example, RDG.
  - On the Choose Profile page, click AD FS profile, and then click Next.
  - On the Configure Certificate page, click Next.
  - On the Configure URL page, click Next.
  - For the Relying Party Trust identifier on the Configure Identifiers page, enter the external, fully qualified domain name (FQDN) that you use for RDG access. For example, enter https://rdg.contoso.com/. You use this relying party trust when you publish the app in the Web Application Proxy.
  - On the Configure Multi-factor Authentication page, verify that the option I do not want to configure multi-factor authentication settings for this relying party trust at this time is selected. Then, click Next.
  - On the Choose Issuance Authorization Rules page, select Permit all users to access this relying party, and click Next.
  - On the Ready to Add Trust page, review the settings, and click Next to save your relying party trust information.
  - On the Finish page, verify that the option Open the Edit Claim Rules dialog for this relying party trust when the wizard closes is not selected. Then click Close.
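The same trust can be created and checked from PowerShell on the AD FS server. This is an added example, not part of the original procedure; it uses the page's sample values (RDG, https://rdg.contoso.com/) and assumes the ADFS module is available and the session is elevated.

```powershell
# Added example: scripted equivalent of the wizard steps, followed by a verification pass.
Import-Module ADFS

$displayName = 'RDG'                        # Specify Display Name page
$identifier  = 'https://rdg.contoso.com/'   # Configure Identifiers page (external FQDN for RDG)

# Rule written by the "Permit all users to access this relying party" option.
$permitAll = @'
@RuleTemplate = "AllowAllAuthzRule"
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
'@

# Do not create a second trust for an identifier that is already registered.
if (Get-AdfsRelyingPartyTrust -Identifier $identifier) {
    throw "A relying party trust with identifier $identifier already exists."
}

Add-AdfsRelyingPartyTrust -Name $displayName `
                          -Identifier $identifier `
                          -IssuanceAuthorizationRules $permitAll

# Read the trust back and compare it with what the wizard steps call for.
$rpt = Get-AdfsRelyingPartyTrust -Name $displayName
if (-not $rpt) { throw "Relying party trust '$displayName' was not created." }

$rpt | Format-List Name, Identifier, Enabled, IssuanceAuthorizationRules, IssuanceTransformRules

if ($rpt.Identifier -notcontains $identifier) {
    Write-Warning "Identifier mismatch: expected $identifier, found $($rpt.Identifier -join ', ')"
}
if (-not $rpt.Enabled) {
    Write-Warning "The trust exists but is disabled."
}
if ($rpt.IssuanceAuthorizationRules -notmatch 'AllowAllAuthzRule') {
    Write-Warning "Authorization rules differ from the 'permit all users' template."
}
# The procedure leaves the Edit Claim Rules dialog closed, so no transform rules are expected yet.
if ($rpt.IssuanceTransformRules) {
    Write-Warning "Unexpected issuance transform rules are present on the trust."
}
```

Because the permit-all rule authorizes every authenticated user, the `Format-List` output is worth keeping as a baseline so that later changes to the trust's authorization rules can be spotted.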