Remove a Federation Trust

  • Article

Applies to: Exchange Server 2010

Removing a federation trust disables federation for the Exchange organization. To enable federation after removing a federation trust, you must create a federation trust, add or update the corresponding Domain Name System (DNS) text (TXT) record in all federated domains with the new application identifier (AppID), and configure a federated organization identifier.

Looking for other tasks related to Federation? Check out Managing Federation.

Use the EMC to remove a federation trust

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Federation trusts" entry in the Exchange and Shell Infrastructure Permissions topic.

  1. In the console tree, click Organization Configuration.
  2. In the result pane, select the federation trust you want to remove.
  3. In the action pane, click Remove Federation Trust.
  4. On the Remove Federation Trust page, inspect the federated domains configured to use the trust.
  5. Click Next to remove the trust.
  6. On the Completion page, review the following, and then click Finish to close the wizard:
    • A status of Completed indicates that the wizard completed the task successfully.
    • A status of Failed indicates that the task wasn't completed. If the task fails, review the summary for an explanation, and then click Back to make any configuration changes.

Use the Shell to remove a federation trust

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Federation trusts" entry in the Exchange and Shell Infrastructure Permissions topic.

To remove a federation trust, you must remove all federated domains configured to use the trust. All federated domains other than the domain used for the account namespace should be removed first. Use the Get-FederatedOrganizationIdentifier cmdlet to retrieve the list of federated domains and the account namespace.

This example removes the federated domain contoso.co.uk with the account namespace domain contoso.com.

Remove-FederatedDomain -DomainName contoso.co.uk
Remove-FederatedDomain -DomainName contoso.com

This example removes the federation trust Microsoft Federation Gateway.

Remove-FederationTrust "Microsoft Federation Gateway"

For detailed syntax and parameter information, see Remove-FederatedDomain and Remove-FederationTrust.