locked
CRM 2011 IFD RRS feed

  • Question

  • Hi,

     

    I have a problem configuring CRM 2011 with IFD,  I have already enabled the Claim Based authentication and it is working fine.

    After I enable the IFD all users are redirected to the forms authentication page (of the ADFS) even users from inside the company.

    In CRM 4 we used to determine the subnet of the internal network in a registry key or using the IFD tool which is not available in CRM 2011.

    How does CRM 2011 recognize if the request is from the internal or external network?

    In addition after I login from the Federation Server page I got error 404 "Resource is no more available"

    Any advise?

     

    Thanks 

     

     

     

     


    Sunday, August 7, 2011 3:20 PM

Answers

  • Internal vs External is now dependent upon the DNS name you use to connect to the CRM Organisation.  When you went through the Claims/IFD configuration process, you would have setup internal Claims Base authentication on:

    https://internalcrm.domain.com/UniqueOrgName

    or similar.  When you use this address, you will be automatically redirected to the ADFS server, which will automatically authenticate you against AD (provided your browser is configured appropriately); after successful authentication you will be redirected back to the CRM.  This should all be seamless.

    When you use the external DNS address:

    https://UniqueOrgName.domain.com/

    or similar, you must login via forms based authentication once you hit the ADFS server.  Again, after successful authentication you will be redirected back the CRM.

     

    I'm not sure where the 404 comes from but I have seen it happen before; closing all existing browser sessions has usually fixed it.


    --pogo (pat) @ pogo69.wordpress.com
    • Marked as answer by ShadowWorker Monday, August 8, 2011 12:29 PM
    Monday, August 8, 2011 12:24 AM
  • Hi,

    you are right CRM 2011

    Internal URL is the the URL specified in "Web Address" tab

    External URL = <organization name>.domain.com

    I have solved the issue of the internal users being redirected to the "Forms Authentication" page of the ADFS by removing ":443" from the "Web Address" URLs.

    As for the error 404, it seems I need to install the rollup 3

    Thanks

    • Marked as answer by ShadowWorker Monday, August 8, 2011 12:36 PM
    Monday, August 8, 2011 12:34 PM

All replies

  • Internal vs External is now dependent upon the DNS name you use to connect to the CRM Organisation.  When you went through the Claims/IFD configuration process, you would have setup internal Claims Base authentication on:

    https://internalcrm.domain.com/UniqueOrgName

    or similar.  When you use this address, you will be automatically redirected to the ADFS server, which will automatically authenticate you against AD (provided your browser is configured appropriately); after successful authentication you will be redirected back to the CRM.  This should all be seamless.

    When you use the external DNS address:

    https://UniqueOrgName.domain.com/

    or similar, you must login via forms based authentication once you hit the ADFS server.  Again, after successful authentication you will be redirected back the CRM.

     

    I'm not sure where the 404 comes from but I have seen it happen before; closing all existing browser sessions has usually fixed it.


    --pogo (pat) @ pogo69.wordpress.com
    • Marked as answer by ShadowWorker Monday, August 8, 2011 12:29 PM
    Monday, August 8, 2011 12:24 AM
  • Hi,

    you are right CRM 2011

    Internal URL is the the URL specified in "Web Address" tab

    External URL = <organization name>.domain.com

    I have solved the issue of the internal users being redirected to the "Forms Authentication" page of the ADFS by removing ":443" from the "Web Address" URLs.

    As for the error 404, it seems I need to install the rollup 3

    Thanks

    • Marked as answer by ShadowWorker Monday, August 8, 2011 12:36 PM
    Monday, August 8, 2011 12:34 PM