Change the Federation Service trust policy location

Applies To: Windows Server 2003 R2

The TrustPolicy.xml file contains data that defines a Federation Service in Active Directory Federation Services (ADFS). By sharing the folder that contains this file, you make the data available to other federation servers in a federation server farm that comprises the Federation Service.

If the location of the TrustPolicy.xml file changes, make sure that you update the location on each server in the federation server farm.

Perform this procedure on a federation server that hosts the TrustPolicy.xml file you want to move. After copying the TrustPolicy.xml file to its new location, update the path on each server in the server farm, and then delete the old TrustPolicy.xml file.

Administrative credentials

To complete this procedure, you must be a member of the Administrators group on the local computer.

To change the location of the trust policy file

  1. Copy the TrustPolicy.xml file from its current location to its new location and share the folder appropriately. (The default location for TrustPolicy.xml is %systemdrive%\ADFS.)

  2. Click Start, point to Administrative Tools, and then click Active Directory Federation Services.

  3. Right-click Federation Service, and then click Properties.

  4. On the General tab, replace the text in Trust policy file with the new path to the TrustPolicy.xml file, or click Browse to select it.

  5. Confirm the new path in Trust policy file, and then click OK.

  6. Repeat steps 2 through 5 on each federation server in the server farm.

  7. After successfully reconfiguring each federation server with the new trust policy location, delete the original trust policy file.