Windows claim types have two states: disabled and enabled. Disabled claim types are valid claim types, but are unavailable for use in production. Claims of disabled claim types are not issued by domain controllers and disabled claim types are filtered from view in the access rule condition builder. A claim type becomes available for production use once you enable it. Active Roles creates enabled claim types, and allows you to disable and enable claim types as needed.
To disable an enabled claim type
To enable a disabled claim type
- Right-click the claim type object and click Enable.