PowerShell Logo Small

New-ADClaimType



This is the built-in help made by Microsoft for the command 'New-ADClaimType', in PowerShell version 5 - as retrieved from Windows version 'Microsoft Windows Server 2012 R2 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Creates a new claim type in Active Directory.

SYNTAX


New-ADClaimType [-DisplayName] <String> [-AppliesToClasses <String[]>] [-AuthType {Negotiate | Basic}] [-Credential <PSCredential>] [-Description <String>] [-Enabled
<Boolean>] [-ID <String>] [-Instance <ADClaimType>] [-IsSingleValued <Boolean>] [-OtherAttributes <Hashtable>] [-PassThru] [-ProtectedFromAccidentalDeletion <Boolean>]
[-RestrictValues <Boolean>] [-Server <String>] [-SuggestedValues <ADSuggestedValueEntry[]>] -SourceAttribute <String> [-Confirm] [-WhatIf] [<CommonParameters>]
New-ADClaimType [-DisplayName] <String> [-AppliesToClasses <String[]>] [-AuthType {Negotiate | Basic}] [-Credential <PSCredential>] [-Description <String>] [-Enabled
<Boolean>] [-ID <String>] [-Instance <ADClaimType>] [-IsSingleValued <Boolean>] [-OtherAttributes <Hashtable>] [-PassThru] [-ProtectedFromAccidentalDeletion <Boolean>]
[-RestrictValues <Boolean>] [-Server <String>] -SourceOID <String> [-Confirm] [-WhatIf] [<CommonParameters>]
New-ADClaimType [-DisplayName] <String> [-AppliesToClasses <String[]>] [-AuthType {Negotiate | Basic}] [-Credential <PSCredential>] [-Description <String>] [-Enabled
<Boolean>] [-ID <String>] [-Instance <ADClaimType>] [-IsSingleValued <Boolean>] [-OtherAttributes <Hashtable>] [-PassThru] [-ProtectedFromAccidentalDeletion <Boolean>]
[-RestrictValues <Boolean>] [-Server <String>] [-SuggestedValues <ADSuggestedValueEntry[]>] -SourceTransformPolicy -ValueType {Invalid | Int64 | UInt64 | String | FQBN | SID
| Boolean | OctetString} [-Confirm] [-WhatIf] [<CommonParameters>]



Search powershellhelp.space

DESCRIPTION


The New-ADClaimType cmdlet creates a new claim type in Active Directory.



<

RELATED LINKS


Online Version: http://go.microsoft.com/fwlink/p/?linkid=291063

REMARKS

<

Examples


-------------------------- EXAMPLE 1 --------------------------

PS C:\>New-ADClaimType -DisplayName "Title" -SourceAttribute "title"



This command creates a new user claim type with display name Title that is sourced from the AD attribute title.




-------------------------- EXAMPLE 2 --------------------------

PS C:\>$fullTime = New-Object Microsoft.ActiveDirectory.Management.ADSuggestedValueEntry("FTE", "Full-Time", "Full-time employee")
PS C:\> $intern = New-Object Microsoft.ActiveDirectory.Management.ADSuggestedValueEntry("Intern", "Intern", "Student employee")
PS C:\> $contractor = New-Object Microsoft.ActiveDirectory.Management.ADSuggestedValueEntry("Contractor", "Contractor", "Contract employee")
PS C:\> New-ADClaimType -DisplayName "Employee Type" -SourceAttribute "employeeType" -SuggestedValues $fullTime,$intern,$contractor



This example creates a new user claim type with display name Employee Type that is sourced from the AD attribute employeeType. The suggested values are set to FTE, Intern,
and Contractor. Applications using this claim type would allow their users to specify one of the suggested values as this claim type's value.




-------------------------- EXAMPLE 3 --------------------------

PS C:\>New-ADClaimType -DisplayName "Bitlocker Enabled" -SourceOID "1.3.6.1.4.1.311.67.1.1" -Enabled $False



This command creates a new device claim type with display name Bitlocker Enabled with the source OID 1.3.6.1.4.1.311.67.1.1. The claim type set to disabled.




-------------------------- EXAMPLE 4 --------------------------

PS C:\>New-ADClaimType -DisplayName "Title" -SourceAttribute "title" -ID "ad://ext/title"



This command creates a new user claim type with display name Title that is sourced from the AD attribute title and ID set to ad://ext/title.

The ID should only be set manually in a multi-forest environment where the same claim type needs to work across forests. By default, New-ADClaimType generates the ID
automatically. For claim types to be considered identical across forests, their ID must be the same.




-------------------------- EXAMPLE 5 --------------------------

PS C:\>New-ADClaimType -DisplayName "SourceForest" -SourceTransformPolicy -ValueType String



This command creates a new claim type with display name SourceForest that is sourced from the claims transformation policy engine.