Export a generic policy file to a partner organization

  • Article

Applies To: Windows Server 2003 R2

To begin an Active Directory Federation Services (ADFS) federated partnership with another organization, prior to adding resource and account partners, you can export a generic policy file that the other organization can use to configure your organization as either its account or resource partner. For example, if you are administering a resource organization, you can export a generic policy file that the account organization can use to configure your organization as its resource partner in ADFS. You must make the file available to the partner organization, which can then import the file.

The exported generic policy file contains the following information:

  • Your organization's display name

  • Federation Service endpoint URL

  • Federation Service URI

  • Verification certificate (for an exported account partner only)

When the partner organization imports this policy file when adding a resource or account partner that represents your organization, the wizard (Add Resource Partner Wizard or Add Account Partner Wizard) automatically configures the new partner with the correct information for your organization, eliminating the possibility of mistyping the various required identifiers.

Perform this procedure on a federation server that hosts the policy file you want to share with another organization that will become a partner in a federated partnership. The Export Policy command in the Active Directory Federation Services snap-in creates the file with the name and location that you provide.

Administrative credentials

To complete this procedure, you must be a member of the Administrators group on the local computer.

To export a generic policy file

  1. Click Start, point to Administrative Tools, and then click Active Directory Federation Services.

  2. Right-click Trust Policy, and then click Export Policy.

  3. In the Export Generic Partner Policy dialog box, click Browse to browse to the location for the generic policy file (or type the path and file name in Policy file Location, and then click OK).

  4. In the Save As dialog box, in File name, type a name for the generic trust policy file, click Save, and then click OK.

  5. Make the exported file available to the partner organization.

See Also

Concepts

Export an account or resource policy file to a partner organization