Change the Federation Service endpoint URL
Applies To: Windows Server 2003 R2
In Active Directory Federation Services (ADFS), the Federation Service endpoint Uniform Resource Locator (URL) is the single location, or "public URL," that is used to contact all federation servers in a server farm. If the public name changes, you must change the Federation Service endpoint URL.
The Federation Service endpoint URL that is specified in the properties of the Trust Policy node of one Federation Service also identifies the Federation Service in the properties of the respective account or resource node in the partner organization. For example, for the account partner Federation Service in an ADFS deployment that has both a resource partner and an account partner, the Federation Service endpoint URL that is specified in the properties of the account partner node on the respective resource federation server must match the Federation Service endpoint URL in the Trust Policy properties on the account federation server. Consequently, if you change the endpoint URL of the Federation Service on the Trust Policy node, an administrator in the partner organization must also change the Federation Service endpoint URL on the corresponding account partner node.
If you install the Federation Service Proxy component of ADFS in a perimeter network, the Federation Service endpoint URL must point to the Federation Service Proxy that forwards requests to the Federation Service. In this case, the Federation Service endpoint URL contains the URL of the Federation Service Proxy rather than the partner Federation Service.
Note
Changes to the Federation Service endpoint URL are received by federation servers through the shared TrustPolicy.xml file. However, this change must be made manually in the trust policy of the corresponding partner organizations.
Administrative credentials
To complete this procedure, you must be a member of the Administrators group on the local computer.
To change the Federation Service endpoint URL
Click Start, point to Administrative Tools, and then click Active Directory Federation Services.
Double-click Federation Service, right-click Trust Policy, and then click Properties.
On the General tab, in Federation Service endpoint URL, select the domain portion of the URL, replace the selected text with the new URL, and then click OK.
Perform the following procedure on the federation server where you are updating the Federation Service URL on the respective account partner or resource partner after it has been changed in the trust policy for the home Federation Service.
Administrative credentials
To complete this procedure, you must be a member of the Administrators group on the local computer.
To change the Federation Service endpoint URL in the account partner or resource partner
Click Start, point to Administrative Tools, and then click Active Directory Federation Services.
Double-click Federation Service, double-click Trust Policy, double-click Partner Organizations, and then double-click Account Partners if you are logged on to the resource federation server, or double-click Resource Partners if you are logged on to the account federation server.
Right-click the account or resource partner whose Federation Service endpoint URL has changed, and then click Properties.
On the General tab, in Federation Service endpoint URL, select the domain portion of the URL, replace the selected text with the new endpoint URL, and then click OK.
See Also
Concepts
Set the application URL for an application
Set the return URL for a claims-aware application
Set the return URL for a Windows NT token-based application