Assigning ADFS 3.0 to an alternative HTTPS port

I have only a single static external IP address, which I need to use for Exchange, and therefore needed to change the default HTTPS listener port for ADFS; it took some time to get to the answer. This is not the solution when using ADFS in conjunction with the ADFS Proxy; I will look at that another time.

netsh http del urlacl https://+:443/adfs/
netsh http del urlacl https://+:443/FederationMetadata/2007-06/
netsh http add urlacl https://+:444/adfs/ user="NT SERVICE\adfssrv" delegate=yes
netsh http add urlacl https://+:444/FederationMetadata/2007-06/ user="NT SERVICE\adfssrv" delegate=yes
Set-ADFSProperties -HttpsPort 444
net stop adfssrv
net start adfssrv
Update-MsolFederatedDomain -DomainName:<domain>

The final trick is to install the IIS role and bind the listener to port 444. IIS is not used; however, this is required for the HTTPS port to transition correctly.
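To confirm the change took effect and that nothing is still reserved on 443, the steps above can be checked with a script such as the following. This is an added example, not part of the original post; it assumes an elevated PowerShell session on the ADFS server and English netsh output, and the function and variable names are illustrative.

```powershell
# Added verification sketch (not from the original post). Run elevated on the ADFS server.
# Assumes English netsh output, since the checks match on its field labels.
$newPort = 444                                        # port chosen in the post
$oldPort = 443
$paths   = '/adfs/', '/FederationMetadata/2007-06/'   # prefixes re-registered in the post
$account = 'NT SERVICE\adfssrv'

function Get-UrlAclState {
    param([int]$Port, [string]$Path)
    $url = "https://+:${Port}${Path}"
    # netsh prints a "Reserved URL" entry only when the reservation exists
    $out = (netsh http show urlacl "url=$url") | Out-String
    [pscustomobject]@{
        Url      = $url
        Reserved = $out -match 'Reserved URL'
        Owner    = $out -match [regex]::Escape($account)
        Delegate = $out -match 'Delegate:\s*Yes'
    }
}

$results = @()
foreach ($p in $paths) {
    $new = Get-UrlAclState -Port $newPort -Path $p
    $old = Get-UrlAclState -Port $oldPort -Path $p
    $results += [pscustomobject]@{ Check = "urlacl present for $($new.Url)"
                                   Pass  = $new.Reserved -and $new.Owner -and $new.Delegate }
    $results += [pscustomobject]@{ Check = "urlacl removed for $($old.Url)"
                                   Pass  = -not $old.Reserved }
}

# ADFS's own configured port and service state
$results += [pscustomobject]@{ Check = "Get-AdfsProperties HttpsPort = $newPort"
                               Pass  = (Get-AdfsProperties).HttpsPort -eq $newPort }
$results += [pscustomobject]@{ Check = 'adfssrv service running'
                               Pass  = (Get-Service adfssrv).Status -eq 'Running' }

# A certificate binding and a live listener must exist on the new port
$sslcert = (netsh http show sslcert) | Out-String
$results += [pscustomobject]@{ Check = "sslcert binding on :$newPort"
                               Pass  = $sslcert -match ":$newPort\s" }
$results += [pscustomobject]@{ Check = "TCP $newPort accepting connections"
                               Pass  = (Test-NetConnection -ComputerName localhost -Port $newPort).TcpTestSucceeded }

$results | Format-Table -AutoSize
```

Any row showing Pass as False points at the step to revisit: a missing reservation, a leftover 443 reservation, or no certificate binding on the new port.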
