Deploying CRM 2011 via IFD in one server

  • Question

  • Hello all. Current setup of CRM 2011 Rollup 7 is as follows:

    • 1 server in the backend with all roles properly installed. Port used is 5555.
    • 1 server in the frontend with Web role properly installed, using also port 5555.

    The main idea is to deploy the frontend server in the DMZ, thus the configuration of IFD comes in handy.

    The customer has a strong policy of publishing only ports 80 or 443 in the DMZ. Since my CRM 2011 deployment is using port 5555, is it possible to configure IFD to use port 443, since HTTPS is a must, and have ADFS2 properly configured on port 80?

    Thanks,


    Guillermo Taylor F.
    IT Pro & Xbox gamer
    My blog

    Wednesday, March 28, 2012 3:50 PM

All replies

  • Theoretically; yes, but with caveats.

    CRM and ADFS must be configured to use HTTPS/SSL, but the ports you use are entirely up to your discretion.  However, configuring HTTPS on port 80 is not only counter-intuitive, I would strongly suggest it would be against the same policies that are restricting you to ports 80 and 443.

    To reiterate, in case it isn't clear - to complete an IFD configuration, ADFS must be configured for HTTPS (not HTTP), regardless of your choice of port (80 or otherwise).

    There are two ways around this:

    1. Install CRM and ADFS on separate servers and configure both on port 443
    2. Install CRM and ADFS on a single multi-homed server, such that CRM and ADFS can "share" port 443; but on different IP addresses - NB: while this is purportedly feasible I am yet to hear of a successful implementation



    --pogo (pat) @ pogo69.wordpress.com

    Wednesday, March 28, 2012 10:38 PM
  • ADFS must use https, and must be on the default website.

    You should be able to set up the server with more than one IP address and then bind the default website to use 443 on one IP address, then the CRM server to another IP.

    Install CRM using an arbitrary port (e.g. 5555), then reconfigure IIS to bind 443 to the right IP, then change the server properties in Deployment Manager, set to https and set the URLs (all the same), then configure claims-based authentication, then IFD config and finish ADFS config (relying parties for internal and external access).


    Hope this helps. Adam Vero, MCT

    Wednesday, March 28, 2012 11:05 PM
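
The IIS binding step from the two replies above (one server, two IP addresses, AD FS and CRM each on port 443), sketched in PowerShell as an added example that is not part of the thread. The two IP addresses, the CRM site name and the certificate thumbprint placeholders are assumptions to replace with the deployment's own values.

```powershell
# Added example: pin AD FS (Default Web Site) and CRM to port 443 on separate IPs.
# Assumed values, not from the thread: both IP addresses (documentation range),
# the CRM site name, and the certificate thumbprint placeholders.
Import-Module WebAdministration

$sites = @(
    @{ Name = 'Default Web Site';       Ip = '192.0.2.10'; Thumb = '<ADFS-CERT-THUMBPRINT>' },
    @{ Name = 'Microsoft Dynamics CRM'; Ip = '192.0.2.11'; Thumb = '<CRM-CERT-THUMBPRINT>' }
)

# Refuse to continue if any site still holds a wildcard HTTPS binding on 443:
# it would answer on both addresses and blur which site owns which IP.
$wildcard = Get-WebBinding -Protocol https |
    Where-Object { $_.bindingInformation -like '`*:443:*' }
if ($wildcard) {
    $list = ($wildcard | ForEach-Object { $_.bindingInformation }) -join ', '
    throw "Remove wildcard *:443 HTTPS bindings first: $list"
}

foreach ($s in $sites) {
    $info = "$($s.Ip):443:"

    # Add the IP-specific HTTPS binding if the site does not have it yet.
    $existing = Get-WebBinding -Name $s.Name -Protocol https |
        Where-Object { $_.bindingInformation -eq $info }
    if (-not $existing) {
        New-WebBinding -Name $s.Name -Protocol https -IPAddress $s.Ip -Port 443
    }

    # Attach the site's certificate to that IP:port in HTTP.SYS.
    $sslPath = "IIS:\SslBindings\$($s.Ip)!443"
    if (-not (Test-Path $sslPath)) {
        Get-Item "Cert:\LocalMachine\My\$($s.Thumb)" | New-Item $sslPath | Out-Null
    }
}

# Review the result: each site should show one https binding, on its own IP.
Get-WebBinding |
    Select-Object protocol, bindingInformation, ItemXPath |
    Format-Table -AutoSize
```

The script only covers the bindings; the Deployment Manager, claims-based authentication, IFD and relying-party steps listed in the reply still follow it.
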
  • Thank you all. I'll test next week and will let you know...

    Regards,


    Guillermo Taylor F.
    IT Pro & Xbox gamer
    My blog

    Tuesday, April 3, 2012 8:30 PM