Update Rollup 2 for Active Directory Federation Services (AD FS) 2.0, which was released last year, addresses five issues:
- Improves AD FS reliability when under load
- Adds a new setting to prevent the whr parameter from overwriting an existing home realm discovery cookie
- Incorporates a fix that prevents the AD FS service from stopping if autoenrollment archives the certificates
- Includes an option for adding AD FS servers in different time zones to a farm that uses WID
- Fixes an issue where AD FS would drop the SAML2 RelayState parameter in certain situations, such as when using IdP initiated scenarios
Description of Update Rollup 2 for Active Directory Federation Services (AD FS) 2.0
https://support.microsoft.com/?id=2681584
Sounds like some good changes in rollup 2, and you think it might be worth implementing in your customized environment, until you look and notice that AD FS 2.0 rollup 2 replaces a huge number of files–not just DLL files behind the scenes, but files that you’ve customized. OH NO, you think, now I have to merge all my carefully crafted customizations into the new files; this is going to take forever.
You scroll through the large list of changed files, which includes:
Commonresources.ar.resx
Commonresources.bg.resx
Commonresources.cs.resx
Commonresources.da.resx
Commonresources.de.resx
Commonresources.el.resx
Commonresources.en.resx
Commonresources.es.resx
Commonresources.et.resx
Commonresources.fi.resx
Commonresources.fr.resx
Commonresources.he.resx
Commonresources.hr.resx
Commonresources.hu.resx
Commonresources.it.resx
Commonresources.ja.resx
Commonresources.ko.resx
Commonresources.lt.resx
Commonresources.lv.resx
Commonresources.nl.resx
Commonresources.no.resx
Commonresources.pl.resx
Commonresources.pt-br.resx
Commonresources.pt-pt.resx
Commonresources.resx
Commonresources.ro.resx
Commonresources.ru.resx
Commonresources.sk.resx
Commonresources.sl.resx
Commonresources.sr.resx
Commonresources.sv.resx
Commonresources.th.resx
Commonresources.tr.resx
Commonresources.uk.resx
Commonresources.zh-cn.resx
Commonresources.zh-hk.resx
Commonresources.zh-tw.resx
Error.aspx
Error.aspx.cs
Formssignin.aspx
Formssignin.aspx.cs
Global.asax
Global.asax.cs
Header_background.png
Homerealmdiscovery.aspx
Homerealmdiscovery.aspx.cs
Idpinitiatedsignon.aspx
Idpinitiatedsignon.aspx.cs
Masterpage.master
Masterpage.master.cs
Signout.aspx
Signout.aspx.cs
Spinner.gif
Stylesheet.css
Web.config
Yep, rollup 2 for AD FS 2.0 replaces all the files in the /adfs/ls directory tree, but it turns out that most of them haven’t actually changed.
The files in /adfs/ls that have been changed for this rollup are:
- IdpInitiatedSignOn.aspx.cs
- \App_GlobalResources\CommonResources.resx
Both changes are very small.
In IdpInitiatedSignOn.aspx.cs
4 lines of of code in Page_Init just move down a bit into an else statement.
PopulateConditionalVisibilityControls(); RelyingPartyDropDownList.DataSource = RelyingParties; RelyingPartyDropDownList.DataBind(); UpdateText();
In \App_GlobalResources\CommonResources.resx the “Culture” changes and a line break moves:
OLD
<data name="Culture" xml:space="preserve"> <value>neutral</value> </data>
NEW
<data name="Culture" xml:space="preserve"> <value>en</value> </data>
OLD (a line break is moved)
<data name="UnauthenticatedText" xml:space="preserve"> <value>Authentication failed. Close the browser and try again, or contact your administrator for more information.</value> </data>
NEW
<data name="UnauthenticatedText" xml:space="preserve"> <value>Authentication failed. Close the browser and try again, or contact your administrator for more information.</value> </data>
Many thanks to Doug McDorman for his analysis of the file changes in rollup 2 for AD FS 2.0.
