Assigning ADFS 3.0 to an alternative HTTPS port

I have only a single static external IP address, which I need to use for Exchange, so I needed to change the default HTTPS listener port for ADFS, and it took some time to get to the answer. This is not the solution when using ADFS in conjunction with the ADFS Proxy; I will look at that another time.

netsh http del urlacl https://+:443/adfs/
netsh http del urlacl https://+:443/FederationMetadata/2007-06/
netsh http add urlacl https://+:444/adfs/ user="NT SERVICE\adfssrv" delegate=yes
netsh http add urlacl https://+:444/FederationMetadata/2007-06/ user="NT SERVICE\adfssrv" delegate=yes
Set-ADFSProperties -HttpsPort 444
net stop adfssrv
net start adfssrv
Update-MsolFederatedDomain -DomainName <domain>

The final trick is to install the IIS role and bind the listener to port 444. IIS is not used; however, this is required for the HTTPS port to transition correctly.
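
To confirm the change took effect and that the new URL reservations belong only to the ADFS service account, a check like the following can be run in an elevated PowerShell session on the ADFS server. This is an added example, not part of the original post; it assumes port 444 and the two URL prefixes used above, English-language netsh output, and variable names chosen here for illustration.

```powershell
# Added example: verify the ADFS HTTPS port move (assumes port 444 as in the post).
$port     = 444
$prefixes = '/adfs/', '/FederationMetadata/2007-06/'
$account  = 'NT SERVICE\adfssrv'

# Parse "netsh http show urlacl" into objects holding each URL and its users.
$acls = @()
$current = $null
foreach ($line in (netsh http show urlacl)) {
    if ($line -match '^\s*Reserved URL\s*:\s*(\S+)') {
        $current = [pscustomobject]@{ Url = $Matches[1]; Users = @() }
        $acls += $current
    } elseif ($current -and $line -match '^\s*User:\s*(.+?)\s*$') {
        $current.Users += $Matches[1]
    }
}

# For each prefix: new reservation present, granted only to adfssrv, old one gone.
$results = foreach ($p in $prefixes) {
    $new = $acls | Where-Object { $_.Url -eq "https://+:$port$p" }
    $old = $acls | Where-Object { $_.Url -eq "https://+:443$p" }
    [pscustomobject]@{
        Prefix       = $p
        NewReserved  = [bool]$new
        OnlyAdfsUser = [bool]$new -and -not ($new.Users | Where-Object { $_ -ne $account })
        OldRemoved   = -not $old
    }
}
$results | Format-Table -AutoSize

# Configured port and service state.
$props = Get-AdfsProperties
$svc   = Get-Service adfssrv
"HttpsPort configured : $($props.HttpsPort) (expected $port)"
"adfssrv status       : $($svc.Status)"

# The federation metadata document should answer on the new port.
$uri = "https://$($props.HostName):$port/FederationMetadata/2007-06/FederationMetadata.xml"
try {
    $r = Invoke-WebRequest -Uri $uri -UseBasicParsing
    "Metadata endpoint    : HTTP $($r.StatusCode) from $uri"
} catch {
    "Metadata endpoint    : FAILED ($($_.Exception.Message))"
}
```

Any row where OnlyAdfsUser is False means another principal also holds the reservation on that prefix and should be reviewed.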

