AD FS 2.0: Browsing to Federation Metadata Fails: "Unable to download federationmetadata.xml"

Symptoms

In Internet Explorer, browsing the following Federation Metadata endpoint fails:

https://{your_federation_service_name}/federationmetadata/2007-06/federationmetadata.xml

 

Internet Explorer displays the following error text:

Unable to download federationmetadata.xml from {your_federation_service_name}.

Unable to open this Internet site. The requested site is either unavailable or cannot be found. Please try again later.

 

Browsing to the other metadata endpoints is successful:

https://{your_federation_service_name}/adfs/fs/federationserverservice.asmx

https://{your_federation_service_name}/adfs/services/trust/mex

 

Cause

If Internet Explorer Enhanced Security Configuration (IE ESC) is enabled, the download of the XML document is blocked.

Resolution

Disable IE ESC:

Windows Server 2003

• Add/Remove Windows Components > Uncheck IE ESC

Windows Server 2008 and later

• Server Manager > "Configure IE ESC" > Disable for Users, Administrators, or both

More Information

If you discover that all metadata endpoints are unavailable, you need to troubleshoot:

1. Connectivity

2. SCHANNEL

3. Problems with the AD FS 2.0 service itself