AdfsApplicationPermission - X-Guardian/AdfsDsc GitHub Wiki

AdfsApplicationPermission

Parameters

| Parameter | Attribute | DataType | Description | Allowed Values |
| --- | --- | --- | --- | --- |
| ClientRoleIdentifier | Key | String | Specifies a client role identifier. | |
| ServerRoleIdentifier | Key | String | Specifies a server role identifier. | |
| ScopeNames | Write | StringArray[] | Specifies an array of scope names. | |
| Description | Write | String | Specifies a description for the Application Permission. | |
| Ensure | Write | String | Specifies whether the Application Permission should be present or absent. Default value is 'Present'. | Present, Absent |

Description

The AdfsApplicationPermission DSC resource manages Application Permissions within Active Directory Federation Services.

Requirements

  • Target machine must be running ADFS on Windows Server 2016 or above to use this resource.

Examples

Example 1

This configuration will grant an application permission in Active Directory Federation Services (AD FS).

Configuration AdfsApplicationPermission_Config
{
    Import-DscResource -ModuleName AdfsDsc

    Node localhost
    {
        AdfsApplicationPermission AppPermission1
        {
            ClientRoleIdentifier = '168f3ee4-63fc-4723-a61a-6473f6cb515c'
            ServerRoleIdentifier = 'http://schemas.microsoft.com/ws/2009/12/identityserver/selfscope'
            Description          = "This is the AppPermission1 Description"
            ScopeNames           = 'openid'
        }
    }
}
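
The following is an added example, not part of the AdfsDsc project's own documentation. It uses only the parameters in the table above to show a narrowly scoped grant with `ScopeNames` passed as an array, next to the revocation of a grant that is no longer needed via `Ensure = 'Absent'`. The GUIDs, the `https://api.example.test/reporting` identifier, the `profile` scope choice, and the output path are constructed placeholders.

```powershell
# Added example, not from the AdfsDsc project. Identifiers are constructed placeholders.
Configuration AdfsApplicationPermission_LeastPrivilege_Config
{
    Import-DscResource -ModuleName AdfsDsc

    Node localhost
    {
        # Grant only the scopes this client needs. ScopeNames is a string array,
        # so list every scope explicitly rather than relying on a broad default.
        AdfsApplicationPermission ReportingClientGrant
        {
            ClientRoleIdentifier = '00000000-0000-0000-0000-000000000001'
            ServerRoleIdentifier = 'https://api.example.test/reporting'
            Description          = 'Reporting client: sign-in and profile claims only'
            ScopeNames           = @('openid', 'profile')
            Ensure               = 'Present'
        }

        # Revoke a grant that is no longer required. The client/server pair is the
        # resource key, so this block targets exactly one permission.
        AdfsApplicationPermission LegacyClientGrant
        {
            ClientRoleIdentifier = '00000000-0000-0000-0000-000000000002'
            ServerRoleIdentifier = 'https://api.example.test/reporting'
            Ensure               = 'Absent'
        }
    }
}

# Compile the configuration to a MOF, then apply it on the AD FS server.
$outputPath = 'C:\Dsc\AdfsApplicationPermission'   # placeholder path
AdfsApplicationPermission_LeastPrivilege_Config -OutputPath $outputPath
Start-DscConfiguration -Path $outputPath -Wait -Verbose
```

Keeping grants and revocations in the same configuration means the reviewed file is the record of which client may call which resource with which scopes.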