Changing the AD FS 2.0 Service Account Password for a SQL Server-Based Federation Server Farm

Applies To: Active Directory Federation Services (AD FS) 2.0

Depending on your organization's password policy requirements, you may need to periodically update the domain password assigned to the AD FS 2.0 service account in Active Directory Domain Services (AD DS). After the password for the service account has been changed in AD DS, you will then need to update the AD FS AppPool and the AD FS service account on all federation servers in an SQL Server-based federation server farm to mirror the new domain password.

You can use the following procedure to update both the AD FS AppPool and the AD FS 2.0 service account password on each federation server in an SQL Server-based federation server farm to match the new domain password that was changed in AD DS.

To change the AD FS 2.0 service account password for an SQL Server-based federation server farm

  1. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.

  2. In the console tree, double-click ComputerName, and then click Application Pools.

  3. In the center pane, right-click AD FS AppPool, and then click Advanced Settings.

  4. In the Advanced Settings dialog box, click Identity, and then click the button.

  5. In the Application Pool Identity dialog box, click the Set button under Custom account.

  6. In the Set Credentials dialog box, type the new password, confirm it, and then click OK three times.

  7. In the center pane, right-click AD FS AppPool, click Stop, right-click AD FS AppPool again, and then click Start.

  8. Click Start, point to All Programs, point to Administrative Tools, and then click Services.

  9. In the center pane, right-click AD FS 2.0 Windows Service, and then click Properties.

  10. In the AD FS 2.0 Windows Service Properties dialog box, click the Log On tab. Under This account, type the new password, confirm it, and then click OK.

  11. In the center pane, right-click AD FS 2.0 Windows Service, and then click Restart.

  12. Repeat these steps on all federation servers in the SQL Server-based federation server farm.
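
The same per-server steps as a PowerShell script, added here as an example and not part of the original Microsoft procedure. The application pool name ADFSAppPool is an assumption (the procedure shows it as AD FS AppPool); the service is looked up by the display name given in step 9. Run it from an elevated session on each federation server after the password has been changed in AD DS.

```powershell
param(
    # Assumption: IIS name of the pool the procedure calls "AD FS AppPool".
    # Confirm with: Get-ChildItem IIS:\AppPools
    [string]$AppPoolName = 'ADFSAppPool',
    # Display name as shown in the Services console in the procedure above.
    [string]$ServiceDisplayName = 'AD FS 2.0 Windows Service'
)
$ErrorActionPreference = 'Stop'
Import-Module WebAdministration

# Prompt so the password never lands in command history or a script file.
$secure = Read-Host -Prompt 'New service account password' -AsSecureString
$bstr   = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure)
try {
    $plain = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)

    # Steps 1-7: set the new password on the pool identity, then stop and start the pool.
    $poolPath = "IIS:\AppPools\$AppPoolName"
    if (-not (Test-Path $poolPath)) { throw "Application pool '$AppPoolName' not found." }
    Set-ItemProperty -Path $poolPath -Name processModel.password -Value $plain
    if ((Get-WebAppPoolState -Name $AppPoolName).Value -eq 'Started') { Stop-WebAppPool -Name $AppPoolName }
    while ((Get-WebAppPoolState -Name $AppPoolName).Value -ne 'Stopped') { Start-Sleep -Milliseconds 500 }
    Start-WebAppPool -Name $AppPoolName

    # Steps 8-11: set the new logon password on the Windows service, then restart it.
    $svc = Get-WmiObject Win32_Service -Filter "DisplayName='$ServiceDisplayName'"
    if (-not $svc) { throw "Service '$ServiceDisplayName' not found." }
    # Only StartPassword (8th argument) is supplied; $null leaves the other settings unchanged.
    $rc = $svc.Change($null,$null,$null,$null,$null,$null,$null,$plain,$null,$null,$null).ReturnValue
    if ($rc -ne 0) { throw "Win32_Service.Change failed with return code $rc." }
    Restart-Service -Name $svc.Name
}
finally {
    # Clear the plaintext copy of the password from memory.
    [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
    $plain = $null
}

# Confirm both components came back up under the new credentials.
"{0}: {1}" -f $AppPoolName, (Get-WebAppPoolState -Name $AppPoolName).Value
"{0}: {1}" -f $ServiceDisplayName, (Get-Service -Name $svc.Name).Status
```

A mistyped password typically shows up as the service failing to restart with a logon failure, or as the pool stopping again on the first request, so check both status lines before moving to the next server.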