locked
ADFS client domain RRS feed

  • Question

  • This might be a silly question, but I cannot find a hard yes or no for this one. can I have a CRM tenant with an ADFS of their own to provide SSO to my solution, much like 365?

    That is a deployment with IDF and my ADFS server and a tenant with their own domain using their own ADFS with a claim relay into my IDF?

    Tuesday, March 11, 2014 9:52 AM

All replies

  • Don't forget IFD is for a whole deployment, not per org. So to set up one tenant like this would require a separate deployment, as far as I can see.

    You could configure your ADFS to point to their ADFS (like a proxy chain), so you don't have to get directly through to their domain controllers. This is how you would set it up for cross-domain authentication (for non-trusted forests, say).


    Hope this helps.
    Adam Vero, Microsoft Certified Trainer | Microsoft Community Contributor 2011
    UK CRM Guru Blog

    Tuesday, March 11, 2014 3:37 PM
  • Hello Adam,

    the proxy chain configuration is exactly what I am looking for, I am just unsure how to setup the relay between the remote domain ADFS and the IDF ADFS.

    Wednesday, March 12, 2014 9:07 AM