Setting the TokenLifetime parameter
- If necessary, locate the Display name of your relying party trust. On the AD FS administration console, expand Trust Relationships->Relying Party Trusts. The Display Name appears.
- On the AD FS administration console, navigate to and right-click Start->All Programs->Administrative Tools->Windows PowerShell Modules. Click Run as administrator.
-
Wait for the shell to load and then type:
Set-ADFSRelyingPartyTrust –TargetName <YourDisplayName> –TokenLifetime <yourvalue>
where
<YourDisplayName> is the Display Name of your AD FS system
<yourvalue> is the duration you want to use for session timeout. This value must be greater than what you configure for Web SSO Lifetime parameter in the next step. (If you use Landmark, the timeframe must also be compatible with Landmark as described in the next section.)