Update rollup 2 for AD FS 2.0 is now officially available at http://support.microsoft.com/kb/2681584 for all 18 languages that are supported by AD FS 2.0.
This update rollup includes the hotfixes and the updates that fix 4 product issues and add 1 new capabilities to the product (see summary list below or see KB article above for more information).
- Issue 1: There is a reliability issue in AD FS 2.0 in which AD FS 2.0 Federation Service stops responding to requests in certain cases, especially when there is a large load on AD FS 2.0 federation server or federation server proxy. This issue can occur in both federation passive and federation active scenarios.
- Issue 2: The whr parameter that is specified by an application for a home realm discovery scenario overwrites the previously set home realm discovery cookie. This causes a user to be redirected to a different identity provider that the user cannot use to sign in when the user uses a different application.
- Issue 3: The AD FS 2.0 service stops unexpectedly when a valid certificate is set to the archived state
- Issue 4: When you add an AD FS 2.0 federation server to a Windows Internal Database (WID) farm, you receive an error message. This issue occurs when the federation server is in a time zone that is later than the primary federation server in the WID farm.
- New capability 1: AD FS 2.0 does not fully support the RelayState parameter for Security Assertion Markup Language (SAML) protocol. The Update Rollup 2 for AD FS 2.0 update adds a new capability that enables AD FS 2.0 to consume relay state in order to redirect the user to the RP application.
For more information, please see Supporting Identity Provider Initiated RelayState