locked
Customer Portal and AD Auth RRS feed

  • Question

  • Hi, we are trying to implement Microsoft CRM Customer Portal on-premise. I would like to be able to use AD Auth since my portal will be used for internal team who will be accessing the system via portal. Can someone suggest how to do this?


    • Edited by CRMAdmirer Sunday, February 23, 2014 4:23 AM
    Saturday, February 22, 2014 3:32 PM

Answers

  • If CRM is configured to use AD Authentication, then you can use authentication for the portal just like any other ASP .Net application. If you want to impersonate internal users when accessing CRM, use DefaultNetworkCredentials on the OrganizationServiceProxy. However, if the CRM server runs on a separate machine from the portal, you will probably need to enable Delegation within Active Directory

    Microsoft CRM MVP - http://mscrmuk.blogspot.com/ http://www.excitation.co.uk

    • Marked as answer by CRMAdmirer Tuesday, February 25, 2014 2:01 PM
    Tuesday, February 25, 2014 8:07 AM
    Moderator
  • If the portal users already have AD accounts, then you can configure your portal to use AD authentication (via web.config and/or IIS), and in your code you can identify the user through the .Net framework classes (I think it's Identity.CurrentUser ). If you have a custom field on the contact entity that stores the AD username for internal contacts, then you can query that to find the matching CRM contact. All calls to the CRM Web service should be done using the identity of the Application Pool your portal runs under, which will need to be a CRM User

    Microsoft CRM MVP - http://mscrmuk.blogspot.com/ http://www.excitation.co.uk

    • Marked as answer by CRMAdmirer Tuesday, February 25, 2014 2:01 PM
    Tuesday, February 25, 2014 1:22 PM
    Moderator

All replies

  • Hello,

    Check portal development guide you will get all details.

    HTH


    Our Website | Our Blog | Follow US | My Facebook Page | Microsoft Dynamics CRM 2011 Application Design
    Make sure to "Vote as Helpful" and "Mark As Answer",if you get answer of your question.

    Monday, February 24, 2014 2:28 PM
    Moderator
  • If CRM is configured to use AD Authentication, then you can use authentication for the portal just like any other ASP .Net application. If you want to impersonate internal users when accessing CRM, use DefaultNetworkCredentials on the OrganizationServiceProxy. However, if the CRM server runs on a separate machine from the portal, you will probably need to enable Delegation within Active Directory

    Microsoft CRM MVP - http://mscrmuk.blogspot.com/ http://www.excitation.co.uk

    • Marked as answer by CRMAdmirer Tuesday, February 25, 2014 2:01 PM
    Tuesday, February 25, 2014 8:07 AM
    Moderator
  • Hi,Thanks for the suggestion. In my case portal is hosted on the same machine as the CRM.

    For my case, the portal users though internal are NOT going to be actual usersRecords in CRM. Rather I will have to maintain them as Contacts.

    I plan to store the users loginID on the contacts web-authentication UserID and validate the portal the portal access via the Contacts record. I am not sure how to do that.

    The current web.config for the portal and the codebase seems to be designed around using LiveID. I also saw some articles about changing from LiveID to Forms Auth. But I have to use AD Auth instead... not sure how to do this.

    Any help is appreciated.


    • Edited by CRMAdmirer Tuesday, February 25, 2014 11:13 AM
    Tuesday, February 25, 2014 11:13 AM
  • If the portal users already have AD accounts, then you can configure your portal to use AD authentication (via web.config and/or IIS), and in your code you can identify the user through the .Net framework classes (I think it's Identity.CurrentUser ). If you have a custom field on the contact entity that stores the AD username for internal contacts, then you can query that to find the matching CRM contact. All calls to the CRM Web service should be done using the identity of the Application Pool your portal runs under, which will need to be a CRM User

    Microsoft CRM MVP - http://mscrmuk.blogspot.com/ http://www.excitation.co.uk

    • Marked as answer by CRMAdmirer Tuesday, February 25, 2014 2:01 PM
    Tuesday, February 25, 2014 1:22 PM
    Moderator
  • Ok I see your point. Thanks for the direction. Will try that out.
    • Marked as answer by CRMAdmirer Tuesday, February 25, 2014 2:00 PM
    • Unmarked as answer by CRMAdmirer Tuesday, February 25, 2014 2:01 PM
    Tuesday, February 25, 2014 1:47 PM