Export the Partner Policy of a Partner Organization

Applies To: Windows Server 2008

If you have created an Active Directory Federation Services (AD FS) resource or account partner in your side of a federated partnership, you can export a trust policy file that has information about both your Federation Service and the Federation Service of the respective account partner or resource partner. The policy file contains the following information that the prospective partner can use to configure its Federation Service trust policy:

  • Resource Display Name

  • Resource uniform resource identifier (URI)

  • Resource Federation Server Proxy URL

  • Account Display Name

  • Account URI

  • Account Federation Server Proxy URL

  • Account Verification Certificate

For example, if you are a resource partner, you can export your trust policy file and provide it to the account partner organization. When the account partner adds a resource partner for your organization and selects the option to import your policy file, the Add Resource Partner wizard uses the imported file to automatically update the trust policy with the correct information for both organizations.

Perform this procedure on a federation server that hosts the account partner or resource partner that represents the Federation Service whose policy file you are exporting. The Export Policy command in the Active Directory Federation Services snap-in creates the file with the name and location that you provide.

Membership in Administrators, or equivalent, on the local computer is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (http://go.microsoft.com/fwlink/?LinkId=83477).

To export an account or resource policy file

  1. Click Start, point to Administrative Tools, and then click Active Directory Federation Services.

  2. Double-click Trust Policy, double-click Partner Organizations, and then double-click Account Partners or Resource Partners, depending on the federation server role.

  3. Right-click the appropriate account partner or resource partner, and then click Export Policy.

  4. In the Export Partner Policy dialog box, click Browse to browse to the location where you want to save the policy file,

  5. In File name, type the name of the exported policy file, click Save, and then click OK.

  6. Notify the partner organization and make the exported file available to the partner organization.

Additional references

Checklist: Configuring Both Sides of a Federated Trust Using Export/Import