ADFS 2.0 - Fixing Broken FederationMetadata
Problem: Active Directory Federation Services' FederationMetadata suddenly stopped being published. It happened out of the blue; whether it was caused by updates or something else, the fact remained. The usual URL, "https://adfs.server.com:443/FederationMetadata/2007-06/FederationMetadata.xml", no longer worked, so any federated partner would fail to pick up changes from the local ADFS automatically.

After a brief search the reason was found: the URL reservation (access control list) for FederationMetadata/2007-06/ had been removed, hence the request was being handed to IIS and served as a static file rather than routed to the ADFS service endpoint:

>> netsh http show urlacl

    Reserved URL            : http://+:80/adfs/services/
        User: NT SERVICE\adfssrv
            Listen: Yes
            Delegate: Yes
            SDDL: D:(A;;GA;;;S-1-5-80-2246541699-21809830-3603976364-117610243-975697593)

    Reserved URL            : https://+:443/adfs/services/
        User: NT SERVICE\adfssrv
            Listen: Yes
            Deleg
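The diagnosis above comes down to comparing the HTTP.sys reservations that exist against the ones ADFS needs. The following PowerShell is an added example, not code from the original post or from Microsoft: it parses the output of "netsh http show urlacl", reports any expected ADFS reservation that is missing or not granted Listen rights to NT SERVICE\adfssrv, and prints the "netsh http add urlacl" command that would restore it. The expected reservation list (in particular the exact form "https://+:443/FederationMetadata/2007-06/") is an assumption drawn from the post's URLs and should be adjusted to match the environment; the sample output embedded at the bottom is constructed to mirror the post's listing with the FederationMetadata reservation absent.

```powershell
# Added example (not the post's own code). Assumed reservation set for ADFS 2.0;
# the FederationMetadata form below is inferred from the post's URL, so verify it.
$ExpectedReservations = @{
    'http://+:80/adfs/services/'                = 'NT SERVICE\adfssrv'
    'https://+:443/adfs/services/'              = 'NT SERVICE\adfssrv'
    'https://+:443/FederationMetadata/2007-06/' = 'NT SERVICE\adfssrv'
}

# Turn the text of "netsh http show urlacl" into objects: one per reservation,
# carrying the URL, the account, and its Listen/Delegate flags and SDDL.
function ConvertFrom-UrlAcl {
    param([string[]]$Lines)
    $result  = @()
    $current = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s*Reserved URL\s*:\s*(\S+)') {
            if ($current) { $result += $current }
            $current = [pscustomobject]@{
                Url = $Matches[1]; User = $null; Listen = $null; Delegate = $null; SDDL = $null
            }
        }
        elseif ($current -and $line -match '^\s*User:\s*(.+?)\s*$')  { $current.User     = $Matches[1] }
        elseif ($current -and $line -match '^\s*Listen:\s*(\S+)')   { $current.Listen   = $Matches[1] }
        elseif ($current -and $line -match '^\s*Delegate:\s*(\S+)') { $current.Delegate = $Matches[1] }
        elseif ($current -and $line -match '^\s*SDDL:\s*(\S+)')     { $current.SDDL     = $Matches[1] }
    }
    if ($current) { $result += $current }
    return $result
}

# Return the expected URLs that have no reservation granting Listen to the
# expected service account. An empty result means HTTP.sys is wired up correctly.
function Test-AdfsUrlAcl {
    param([string[]]$Lines, [hashtable]$Expected = $ExpectedReservations)
    $acls    = ConvertFrom-UrlAcl -Lines $Lines
    $missing = @()
    foreach ($url in $Expected.Keys) {
        $hit = $acls | Where-Object {
            $_.Url -eq $url -and $_.User -eq $Expected[$url] -and $_.Listen -eq 'Yes'
        }
        if (-not $hit) { $missing += $url }
    }
    return $missing
}

# Constructed sample mirroring the post's listing: the two /adfs/services/
# reservations are present, the FederationMetadata one is not.
$Sample = @'
URL Reservations:
-----------------

    Reserved URL            : http://+:80/adfs/services/
        User: NT SERVICE\adfssrv
            Listen: Yes
            Delegate: Yes
            SDDL: D:(A;;GA;;;S-1-5-80-2246541699-21809830-3603976364-117610243-975697593)

    Reserved URL            : https://+:443/adfs/services/
        User: NT SERVICE\adfssrv
            Listen: Yes
            Delegate: Yes
            SDDL: D:(A;;GA;;;S-1-5-80-2246541699-21809830-3603976364-117610243-975697593)
'@ -split "`r?`n"

# On a live ADFS host replace $Sample with: (netsh http show urlacl)
$missing = Test-AdfsUrlAcl -Lines $Sample
if ($missing.Count -eq 0) {
    Write-Output 'All expected ADFS URL reservations are present.'
}
foreach ($url in $missing) {
    $account = $ExpectedReservations[$url]
    Write-Warning "Missing reservation: $url"
    Write-Output  "Restore with (elevated prompt): netsh http add urlacl url=$url user=`"$account`""
}
```

Run it from an elevated prompt when feeding it live netsh output; reservations are read-only for standard users but adding one back requires administrator rights. The check deliberately insists on Listen: Yes for the service account, since a reservation that exists but is granted to a different principal leaves the request falling through to IIS just as the post describes.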