Creating a Relying Party Trust in AD FS

Complete the following steps to create a relying party trust for RD Gateway:
  1. In Server Manager, click Tools, and then select AD FS Management.
  2. In the AD FS snap-in, under AD FS\Trust Relationships, right-click Relying Party Trusts, and then click Add Relying Party Trust. The Add Relying Party Trust wizard is displayed.
  3. In the wizard, edit the following fields:
    • On the Welcome page, click Start.
    • On the Select Data Source page, click Enter data about the relying party manually, and then click Next.
    • On the Specify Display Name page, in the Display Name field, enter a display name. For example, RDG.
    • On the Choose Profile page, click AD FS profile, and then click Next.
    • On the Configure Certificate page, click Next.
    • On the Configure URL page, click Next.
    • For the Relying Party Trust identifier on the Configure Identifiers page, enter the external, fully qualified domain name (FQDN) that you use for RDG access. For example, enter https://rdg.contoso.com/.
      You use this relying party trust when you publish the app in the Web Application Proxy.
    • On the Configure Multi-factor Authentication page, verify that the option I do not want to configure multi-factor authentication settings for this relying party trust at this time is selected. Then, click Next.
    • On the Choose Issuance Authorization Rules page, select Permit all users to access this relying party, and click Next.
    • On the Ready to Add Trust page, review the settings, and click Next to save your relying party trust information.
    • On the Finish page, verify that the option Open the Edit Claim Rules dialog for this relying party trust when the wizard closes is not selected. Then click Close.
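
The same trust can be created and then checked from PowerShell. The script below is an added example, not part of the original procedure: it creates the trust if it does not exist and then compares the stored settings with the choices made in the wizard. It assumes the ADFS module on an AD FS server that shows the wizard pages above (the AD FS profile and Issuance Authorization Rules pages), an elevated session, and the page's example values RDG and https://rdg.contoso.com/.

```powershell
# Added example: scripted equivalent of the wizard steps, followed by a settings check.
# Assumption: run in an elevated session on the primary AD FS server.
Import-Module ADFS

$name       = 'RDG'                        # display name from the page's example
$identifier = 'https://rdg.contoso.com/'   # external RDG FQDN from the page's example

# Claim rule behind "Permit all users to access this relying party".
$permitAll = '=> issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");'

# Create the trust only if no existing trust already uses this identifier.
$rp = Get-AdfsRelyingPartyTrust -Identifier $identifier
if (-not $rp) {
    Add-AdfsRelyingPartyTrust -Name $name -Identifier $identifier `
        -IssuanceAuthorizationRules $permitAll
    $rp = Get-AdfsRelyingPartyTrust -Identifier $identifier
}

# Compare the stored trust with what the procedure specifies.
$findings = @()
if (-not $rp.Enabled) {
    $findings += 'Trust is disabled.'
}
if (@($rp.Identifier).Count -ne 1 -or $rp.Identifier -notcontains $identifier) {
    $findings += "Identifiers differ from the single expected value: $($rp.Identifier -join ', ')"
}
if ($rp.IssuanceAuthorizationRules -notmatch 'authorization/claims/permit') {
    $findings += 'Issuance authorization rules do not contain the permit-all rule.'
}
if ($rp.IssuanceTransformRules) {
    $findings += 'Claim (issuance transform) rules exist; the procedure adds none.'
}
if ($rp.AdditionalAuthenticationRules) {
    $findings += 'Multi-factor authentication rules exist; the procedure configures none.'
}
if ($rp.WSFedEndpoint -or $rp.SamlEndpoints) {
    $findings += 'Endpoints are configured; the Configure URL page was left empty.'
}

if ($findings) {
    $findings | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output "Relying party trust '$($rp.Name)' matches the documented settings."
}
```

Re-running the check later shows whether the trust still matches this baseline, for example whether identifiers or claim rules have been added since it was created.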