moving relying service to new domain
Tom Poage
tfpoage at ucdavis.edu
Tue Jan 8 10:51:56 EST 2013
On Jan 8, 2013, at 6:58 AM, "Cantor, Scott" <cantor.2 at osu.edu> wrote:
> On 1/8/13 8:02 AM, "Tom Scavo" <trscavo at gmail.com> wrote:
>>
>>> They can be added to
>>> the existing endpoints ahead of time to minimize coordination.
>>
>> I don't think there's any kind of migration strategy that works for
>> endpoints (but I'd love to be told I'm wrong about that :-)
>
> This is an SP, not an IdP. Migration works fine.
FWIW, we did this recently with an InCommon-registered SP, migrating a .org domain to .edu.
It was simply a matter of configuring IIS to accept both, duplicating discovery and ACS end points with the new domain, testing until satisfied, and finally removing the old URLs. We left the entity ID as it was to avoid participating IdPs having to change their configuration.
Tom.
More information about the users
mailing list