Support
 
Phone Get Quote
 
Support
 
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

 

Configure AD FS servers for auditing in your domain - Configure claims

For each relying party that needs to be audited, the following six claim rules need to be added:

  • Primary SID
  • UPN
  • Client IP
  • Inside Corporate Network
  • Proxy
  • Forwarded Client IP

To check which claim rules have already been added:

  1. Log in to the AD FS server with Domain Admin credentials. 
  2. Open the AD FS management console > Trust Relationships > Relying Party Trusts. 
  3. Right-click on the relying party > Edit Claim Rules (or Edit Claim Issuance Policy in case of Windows 2016), and check if all six of the above claim rules have been added.

To add any missing claim rules:

  1. Log in to the AD FS server with Domain Admin credentials. Open the AD FS management console > Trust Relationships > Relying Party Trusts. 
  2. Right-click on the relying party > Edit Claim Rules (or Edit Claim Issuance Policy in case of Windows 2016).
  3. Click Add Rule. From the Claim rule template drop down, select Pass Through or Filter an Incoming Rule and click Next. 
  4. In the Claim rule name field, enter a suitable name. 
  5. Under Incoming claim type, select the claim rule type which you need to add, and select Pass through all claim values. 
  6. Click Finish.
  7. Installing the client-side agent from ADAudit Plus' UI

ADAudit Plus Trusted By

A single pane of glass for complete Active Directory Auditing and Reporting