Sunday, April 14, 2013

How to Disable Credential Caching in ADFS

If you have session problems in ADFS, you may need to temporarily disable Local Security Authority (LSA) credential caching on the ADFS server. This can affect any application that uses claims-based authentication, including SharePoint, CRM, Office 365, etc. To do this:

  1. Create a new DWORD value named LsaLookupCacheMaxSize under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa.
  2. Set the value of LsaLookupCacheMaxSize to 0.
  3. Reboot the ADFS server.

Also see http://support.microsoft.com/kb/2535191
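
The three steps above as a PowerShell script, added here as an example and not part of the original post. The function names are hypothetical; the registry key and value name are the ones given in the steps. It records the previous state so the temporary change can be reverted, and it leaves the reboot to the operator.

```powershell
# Added example (not from the original post). Run elevated on the ADFS server.
$LsaKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$ValueName = 'LsaLookupCacheMaxSize'

function Get-LsaLookupCacheMaxSize {
    # Returns the current DWORD, or $null when the value does not exist.
    $prop = Get-ItemProperty -Path $LsaKey -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return $null }
    return $prop.$ValueName
}

function Disable-LsaLookupCache {
    # Steps 1 and 2: create the value if missing and set it to 0.
    # Returns the previous value ($null if absent) so the change can be undone.
    [CmdletBinding(SupportsShouldProcess)]
    param()
    $previous = Get-LsaLookupCacheMaxSize
    if ($PSCmdlet.ShouldProcess("$LsaKey\$ValueName", 'Set DWORD to 0')) {
        New-ItemProperty -Path $LsaKey -Name $ValueName -PropertyType DWord -Value 0 -Force | Out-Null
        Write-Warning "Previous value: '$previous' (empty means absent). Step 3: reboot the ADFS server."
    }
    return $previous
}

function Restore-LsaLookupCache {
    # Undo the temporary change: delete the value if it did not exist before,
    # otherwise write the saved value back. Assumption: a reboot is needed again.
    [CmdletBinding(SupportsShouldProcess)]
    param($PreviousValue)
    if (-not $PSCmdlet.ShouldProcess("$LsaKey\$ValueName", 'Restore previous state')) { return }
    if ($null -eq $PreviousValue) {
        Remove-ItemProperty -Path $LsaKey -Name $ValueName -ErrorAction SilentlyContinue
    } else {
        New-ItemProperty -Path $LsaKey -Name $ValueName -PropertyType DWord -Value $PreviousValue -Force | Out-Null
    }
}

# Usage:
#   $saved = Disable-LsaLookupCache      # add -WhatIf to preview without writing
#   Restart-Computer                     # step 3, run when the server can be rebooted
#   Restore-LsaLookupCache -PreviousValue $saved   # later; omit the parameter if the value was absent
```

`$saved` does not survive the reboot, so note the previous value printed in the warning before restarting.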