Azure AD Connect – Change primary server

After changing your AD FS servers you can get an error in the Azure AD connect tool where it referring to your ‘old’ AD FS Servers. Together with an error message like: “Failed to connect to primary AD FS server.”

AADConnect stores this state information in the PersistedState.xml file, which is located in ‘%programdata%\AADConnect\PersistedState.xml’

The AD FS server list is stored in a ‘PersistentStateElement’ in this file in the key: IAdfsConext.TargetAdfsServers

The Value element containts the list of servers AAD Connect is aware of. The server is stored in the key as [<‘Server FQDN in base-64 encodeded format’>,<‘Is primary AD FS’>, <‘Is Configured’>] if there are multiple servers in the list then they are sperated by a ‘;’ character.

  1. Close the Azure AD connect application
  2. Create a backup of the ‘PersistedState.xml’ file
  3. Find the old server key/value and remove this.
  4. Replace or add the new server to the value
  5. Restart the Azure AD connect tool and verify that the new server is found.

To get the FQDN from the base-64 encoded string use this powershell command:

To convert the FQDN to a base-64 encoded string use this command:

I hope this was informative. For questions or comments you can always give a reaction in the comment section or contact me:


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.