Specify a Service Account

Applies To: Active Directory Federation Services (AD FS) 2.0, Windows Server 2012

When you configure Active Directory Federation Services (AD FS) 2.0 in a server farm configuration, you must configure the AD FS 2.0 Windows service to run under a domain user account. You must also use this same account to run the same service across all other servers in the same farm. If you do not already have an account dedicated for this purpose, use Active Directory Domain Services (AD DS) to create this user account.

Item Detail

Service account

Provides a space for you to select the name for the service account to be used with AD FS 2.0. Click Browse, and then type the domain service account name to browse and locate the user account.

The following account rights are granted to the service account specified here:

  • Service Logon right. This right is required for an account to logon using the service logon type.

  • Audit Privilege right. This right is required to generate audit log entries.


Type the password for the service account that is specified in Service Account.