- Open an administrative PowerShell prompt on the ADFS server
- If using Server 2008 R2 (ADFS 2.0), add the ADFS Snap-in:
- Set the CertificateDuration property (Note: ‘1095’ below is an example and represents the number of days desired. 1,095 days = 3 years):
Set-AdfsProperties -CertificateDuration 1095
- Create new token certificates with the new duration:
- Update the ADFS metadata stored in the CRM databases by running through the Claims-based Authentication and IFD Wizards in the CRM Deployment Manager.
- Issue an IISRESET on CRM Server(s).
Note: If you have just installed ADFS, and not yet set CRM up for Claims-based Authentication/IFD, you do not need to perform steps 5 and 6.