Microsoft

AD FS reset RPT Access Control Policy

I recently was tasked with troubleshooting a malfunctioning Relying Party Trust on a customer's AD FS.

As a troubleshooting step, I wanted to remove the Access Control Policy on the RPT, and go back to the good old IssuanceAuthorizationPolicy. There does not seem to be any obvious way of doing this via the GUI, so I had to find out if it was possible.

Turns out, someone had already done this. In short, use PowerShell.

To first revert to IssuanceAuthorizationPolicy:

[powershell]
# "<RPT name>" is a placeholder for the relying party trust's display name
Get-AdfsRelyingPartyTrust "<RPT name>" | Set-AdfsRelyingPartyTrust -AccessControlPolicyName $null
[/powershell]

To assign “Permit Everyone” Access Control Policy:

[powershell]
# "<RPT name>" is a placeholder for the relying party trust's display name
Get-AdfsRelyingPartyTrust "<RPT name>" | Set-AdfsRelyingPartyTrust -AccessControlPolicyName "Permit Everyone"
[/powershell]
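
Because both commands above change who is authorized for the RPT, it helps to snapshot the current settings first and restore them once troubleshooting is done. The following is an added example, not code from the original post; the function names, the `<RPT name>` placeholder and the backup path are assumptions.

```powershell
# Added example. Function names and the backup path are hypothetical.
function Reset-RptAccessControlPolicy {
    param([Parameter(Mandatory)][string]$Name,
          [Parameter(Mandatory)][string]$BackupPath)

    $rpt = Get-AdfsRelyingPartyTrust -Name $Name
    if (-not $rpt) { throw "Relying party trust '$Name' not found." }

    # Snapshot the authorization settings before changing anything.
    $rpt | Select-Object Name, Identifier, AccessControlPolicyName,
                         AccessControlPolicyParameters, IssuanceAuthorizationRules |
        Export-Clixml -Path $BackupPath

    # Same change as in the post: remove the Access Control Policy.
    Set-AdfsRelyingPartyTrust -TargetName $Name -AccessControlPolicyName $null

    # Read the trust back so the result is verified rather than assumed.
    $after = Get-AdfsRelyingPartyTrust -Name $Name
    if ([string]::IsNullOrWhiteSpace($after.IssuanceAuthorizationRules)) {
        Write-Warning "No issuance authorization rules are set on '$Name'; review before testing sign-in."
    }
    $after | Select-Object Name, AccessControlPolicyName, IssuanceAuthorizationRules
}

function Restore-RptAccessControlPolicy {
    param([Parameter(Mandatory)][string]$BackupPath)

    $saved = Import-Clixml -Path $BackupPath
    if (-not $saved.AccessControlPolicyName) {
        Write-Warning "Snapshot for '$($saved.Name)' has no Access Control Policy to restore."
        return
    }
    # Restores the policy by name only; see the note below for parameterized policies.
    Set-AdfsRelyingPartyTrust -TargetName $saved.Name `
        -AccessControlPolicyName $saved.AccessControlPolicyName
    Get-AdfsRelyingPartyTrust -Name $saved.Name |
        Select-Object Name, AccessControlPolicyName
}

# Usage (placeholder values):
# Reset-RptAccessControlPolicy -Name '<RPT name>' -BackupPath "$env:TEMP\rpt-acp-backup.xml"
# Restore-RptAccessControlPolicy -BackupPath "$env:TEMP\rpt-acp-backup.xml"
```

If the original policy takes parameters, the saved `AccessControlPolicyParameters` value records what they were, and they have to be supplied again when the policy is reassigned.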