Update Rollup 1 resolves the following issues:
- KB2254265 (http://support.microsoft.com/kb/2254265) The "500" error code is returned when you send an HTTP SOAP request to the "/adfs/services/trust/mex" endpoint on a computer that is running Windows Server 2008 R2 or Windows Server 2008
- KB2272757 (http://support.microsoft.com/kb/2272757) An identity-provider-initiated sign-on process is slow in Windows Server 2008 R2 and in Windows Server 2008
- The "400" error code is returned when sending an authentication request to AD FS 2.0 federation server proxy through Windows integrated authentication endpoint (Nego 2)
- Decrease in performance occurs on AD FS 2.0 federation server when a user who is authenticating has a large number of group memberships.
- Failure to join an AD FS 2.0 federation server to an existing SQL-based federation server farm when the AD FS 2.0 administrator that tries the join operation does not have admininistrator rights to the SQL Server database.
- AD FS 2.0 Federation Service cannot create or verify Security Assertion Markup Language (SAML) tokens when the private keys of an AD FS 2.0 token-signing certificate and/or token decryption certificate are stored by using third-party cryptographic service providers (CSP), for example hardware security mode (HSM).