Manually updating a claims provider
By default, AD FS 2.0 updates a relying party trust from federation metadata every 24 hours. You should manually update the relying party trust metadata if you make any of the following changes:
You change the encryption certificate used for claims-based authentication.
You change the root domain web addresses. To view these settings:
Start the Deployment Manager.
In the Actions pane, click Properties.
Click the Web Address tab.
You create a new organization.
You change the domains for the server roles for Microsoft Dynamics CRM Server 2011 entered in the IFD Configuration Wizard. To view these settings:
Start the Deployment Manager.
In the Deployment Managerconsole tree, right-click Microsoft Dynamics CRM, and then click Configure Internet-Facing Deployment.
Click Next.
You change the external domain.
You change the certificate common name. To view these settings:
Start the Deployment Manager.
In the Deployment Manager console tree, right-click Microsoft Dynamics CRM, and then click Configure Claims-based authentication.
Click Next twice.
To manually update a relying party trust from federation metadata
Click Start, point to Administrative Tools, and then click AD FS 2.0.
Click the AD FS 2.0\Trust Relationships folder, and then click either Claims Provider Trusts or Relying Party Trusts, depending on which trust you want to update.
In the details pane, right-click the claims provider trust or relying party trust that you want to update from federation metadata.
Click Update from Federation Metadata, and then click Update.
You can specify how often the Federation Service will monitor the federation metadata of relying parties and claims providers that are enabled for federation metadata monitoring.
To set the interval for monitoring metadata for trust partners using Windows PowerShell
Open a Windows PowerShell prompt.
Set the monitoring interval:
PS > Set-ADFSProperties -MonitoringInterval <int>where:
- <int> is the interval in minutes