Although Microsoft AD FS is not able to directly consume the InCommon metadata aggregate, there are numerous third-party tools that can help. One such tool is the ADFSToolkit
AD FS IdP deployments are strongly encouraged to use ADFSToolkit or pysFEMMA to refresh and verify InCommon metadata. |
<md:EntityDescriptor>
element that contains an expired certificate.<md:EntityDescriptor>
elements that contain the same certificate.<md:EntityDescriptor>
element containing more than one encryption key.