Export (0) Print
Expand All

Changing the AD FS 2.0 Service Account Password for a WID-Based Federation Server Farm

Published: August 11, 2011

Applies To: Active Directory Federation Services (AD FS) 2.0

Depending on your organizations password policy requirements, you may need to periodically update the domain password assigned to the AD FS 2.0 service account in Active Directory Domain Services (AD DS). After the password for the service account has been changed in AD DS, you will then need to update the AD FS AppPool and the AD FS service account on all federation servers in a Windows Internal Database (WID)-based federation server farm to mirror the new domain password.

You can use the following procedure to update both the AD FS AppPool and the AD FS 2.0 service account password on each federation server in a WID-based federation server farm to match the new domain password that was changed in AD DS.

ImportantImportant
Use this procedure on all of the secondary federation servers first. Once all secondary federation servers in the WID-based federation server farm have been updated, apply this procedure to the primary federation server.

  1. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.

  2. In the console tree, double-click ComputerName, and then click Application Pools.

  3. In the center pane, right-click AD FS AppPool, and then click Advanced Settings.

  4. In the Advanced Settings dialog box, click Identity, and then click the button.

  5. In the Application Pool Identity dialog box, click the Set button under Custom account.

  6. In the Set Credentials dialog box, type the new password, confirm it, and then click OK three times.

  7. In the center pane, right-click AD FS AppPool, click Stop, right-click AD FS AppPool again, and then click Start.

  8. Click Start, point to All Programs, point to Administrative Tools, and then click Services.

  9. In the center pane, right-click AD FS 2.0 Windows Service, and then click Properties.

  10. In the AD FS 2.0 Windows Service Properties dialog box, click the Log On tab, under This account type the new password, confirm it, and then click OK.

  11. In the center pane, right-click AD FS 2.0 Windows Service, and then click Restart.

  12. Repeat these steps on all federation servers in the WID-based federation server farm.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2015 Microsoft