Set the cookie domain for a Windows NT token-based application

Applies To: Windows Server 2003 R2

You can use the cookie domain setting to share an application at a higher level than the domain level that is specified in the Federation Service Uniform Resource Identifier (URI). In this way, you can expand the scope of requests for which a cookie will be sent.

If you do not configure a cookie domain, cookies are sent only for requests where the domain that is specified matches the domain in the Federation Service Uniform Resource Identifier (URI). For example, if no cookie domain is set and the domain in the Federation Service URI is Sales.Adatum.com, cookies are sent for only requests where the request URL matches Sales.Adatum.com. However, if you set Adatum.com as the cookie domain, cookies are sent for Sales.Adatum.com plus requests for any other domain with the suffix Adatum.com. For example, cookies are also sent for Northwest.Adatum.com.

The cookie domain setting is configured in the ADFS Web Agent for an application. For a Windows NT token-based application, configure the ADFS Web Agent in Internet Information Services (IIS).

Administrative credentials

To complete this procedure, you must be a member of the Administrators group on the local computer.

To set the cookie domain for a Windows NT token-based application

1. Click Start, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.

2. Double-click YourComputerName (local computer), and then double-click Web Sites.

3. Right-click your Web site, and then click Properties.

4. On the ADFS Web Agent tab, in Cookie domain, change the domain as needed, and then click OK.

See Also

Concepts

Set the cookie path for a Windows NT token-based application