This is the built-in help made by Microsoft for the command 'Set-ADClaimTransformLink', in PowerShell version 3 - as retrieved from
Windows version 'Microsoft Windows Server 2012 Standard' PowerShell help files on 2016-06-23.
For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.
Applies a claims transformation to one or more cross-forest trust relationships in Active Directory.
Set-ADClaimTransformLink [-Identity] <ADTrust> [-Policy] <ADClaimTransformPolicy> [-AuthType <ADAuthType>] [-Credential <PSCredential>]
[-PassThru [<SwitchParameter>]] [-Server <String>] -TrustRole <ADTrustRole> [-Confirm [<SwitchParameter>]] [-WhatIf [<SwitchParameter>]]
[<CommonParameters>]
The Set-ADClaimTransformLink cmdlet can be used to apply a claims transformation to one or more cross-forest trust relationships in Active
Directory.
<
Online Version: http://go.microsoft.com/fwlink/?LinkId=216409
<
-------------------------- EXAMPLE 1 --------------------------
C:\PS>New-ADClaimTransformPolicy DenyAllPolicy -DenyAll;
Set-ADClaimTransformLink "corp.contoso.com" -Policy DenyAllPolicy -TrustRole Trusted
Set-ADClaimTransformLink "corp.contoso.com" -Policy DenyAllPolicy -TrustRole Trusting
Description
-----------
Apply the claims transformation policy 'DenyAllPolicy' to the trust "corp.contoso.com". The rule is applied to where this domain acts as both
the trusted and trusting domain in the trust. Effectively, the rule is applied to both claims coming in to this domain from its trust partner,
and claims flowing out of this domain towards its trust partner.
Since the specified transformation rule denies all claims to be sent or received, this domain will now deny all claims from being sent to or
received from the other domain (the trust partner).
-------------------------- EXAMPLE 2 --------------------------
C:\PS>New-ADClaimTransformPolicy AllowAllExceptCompanyAndDepartmentPolicy -AllowAllExcept Company,Department;
Get-ADTrust "corp.contoso.com" | Set-ADClaimTransformLink -Policy AllowAllExceptCompanyAndDepartmentPolicy -TrustRole Trusted
Description
-----------
Apply th the claims transformation policy 'AllowAllExceptCompanyAndDepartmentPolicy' to the trust "corp.contoso.com". The rule is applied to
where this domain acts as the trusted domain in the trust. Effectively, the rule is applied to claims flowing out of this domain towards its
trust partner.
Since the specified transformation rule allows all claims to be sent or received except 'Company' and 'Department', this domain will now allow
all claims except the two from being sent to the other domain (the trust partner).
-------------------------- EXAMPLE 3 --------------------------
C:\PS>New-ADClaimTransformPolicy HumanResourcesToHrPolicy -Rule 'C1:[Type=="ad://ext/Department:88ce6e1cc00e9524", Value=="Human Resources",
ValueType=="string"] => issue(Type=C1.Type, Value="HR", ValueType=C1.ValueType);'; Set-ADClaimTransformLink "corp.contoso.com" -Policy
HumanResourcesToHrPolicy -TrustRole Trusting
Description
-----------
Apply the claims transformation policy ' HumanResourcesToHrPolicy' to the trust "corp.contoso.com". The rule is applied to where this domain
acts as the trusting domain in the trust. Effectively, the rule is applied to claims coming in to this domain from its trust partner.
Since the specified transformation rule transforms the value 'Human Resources' into 'HR' in the claim ad://ext/Department:88ce6e1cc00e9524',
this domain will now transform the claim value received from the other domain (the trust partner) from 'Human Resources' to 'HR'.