Backing Up ADFS Components
Applies To: Windows Server 2003 R2
Backing up Active Directory Federation Services (ADFS) components to preserve a snapshot of ADFS state is critical for ensuring a recovery option in the event of lost data or hardware failure.
ADFS state is maintained in the following places:
TrustPolicy.xml file. The default location is %systemdrive%\adfs\sts.
Web.config and other files under %systemdrive%\ADFS\..., especially any customized Web pages (*%systemdrive%\*ADFS\sts\ls).
IIS metabase files (MetaBase.xml and MBSchema.xml) in %systemroot%\System32\Inetsrv (included in system state backup).
Windows registry (included in system state backup).
Custom transform module (.dll) or files related to the custom transform module.
Always back up system state on any federation server, federation server proxy, or Web server that you are backing up. System state contains the following components:
System startup (boot) files. These files are required for Windows Server 2003 to start.
System registry.
IIS settings.
Class registration database of component services. The Component Object Model (COM) is a binary standard for writing component software in a distributed systems environment.
Windows Clustering or Certificate Services, if installed.
Use the following table to identify components to back up on servers that are running ADFS components.
ADFS Component Running on Server | Files and Components to Back Up |
---|---|
Federation Service |
|
Federation Service Proxy |
|
ADFS Web Agent |
|
Note
For a claims-aware application, ADFS settings are contained in the Web.config file. For a Windows NT token-based application, ADFS settings are contained in the IIS metabase files.
Task requirements
You need the following to perform the procedures for this task:
- Backup software
To complete this task, perform the following procedures: