Updated as of 4/5/2011: This is an updated video demonstrating how to configure the RTM Dynamics CRM 2011 deployment with claims-based authentication and IFD access. The recording utilizes internally hosted DNS records and signed Certificates from an internal CA. The video is unable to cover purchases of third party certificates, external DNS updates or routing through firewalls as there are too many variations and the Dynamics CRM team is unable to endorse one product over the other.
Keep in mind that both the CRM Site and the ADFS site should be exposed through your firewall in order for external clients to access CRM.
As many of our early adopters have learned by now, configuring an Internet-facing deployment (IFD) has changed pretty drastically from Microsoft Dynamics CRM 4.0 to Microsoft Dynamics CRM 2011.
So what changed?
- First, our dependencies changed. In Dynamics CRM 4.0, we used forms-based authentication for IFD and in Dynamics CRM 2011 we instead take a dependency on claims-based authentication for IFD. Therefore, now it is necessary to install and configure a security token service (such as Active Directory Federation Services 2.0) and also to do more certificate management.
- Second, our configuration steps changed. In Dynamics CRM 4.0, an administrator had two options for configuring IFD. The first option was to specify the IFD settings in an XML configuration file at server installation time. The second option was to use the IFD Configuration Tool which was released out of band. In Dynamics CRM 2011, we made claims-based authentication and IFD configuration post-installation steps to obviate the need for the XML configuration file and built these wizards into our Deployment Manager tool. Administrators that would prefer to script IFD configuration can do so using our new Dynamics CRM PowerShell cmdlets.
- Installing AD FS 2.0
- Configuring the AD FS 2.0 federation server
- Managing certificates
- Configuring Dynamics CRM 2011 for claims-based authentication and IFD
- Creating the relying party trust for CRM and configuring the claims rules on AD FS 2.0
We hope you find this helpful!