ADFS on One-Server Deployment

  • Question

  • We want to access CRM 2011 from inside and outside so I try to install ADFS for an IFD. This is a one-server deployment on SBS 2008 Premium. However, I get stuck at an early stage, i.e.

    * Can I install ADFS on the same server as CRM, i.e. my SBS 2008? (I read I cannot but I want to)

    * I need to choose between "Federation server" or "Federation server proxy". From the description it seems I need to proxy to handle requests from internet clients. However, do I need to install the actual "Federation server" on another computer (again, I want it on the same computer)?

    * I need to have ADFS on the default website. For IFD I think the default website is "Microsoft Dynamics CRM". So do I need to point ADFS to that website?

    Besides the IG are there any tutorials/guides/videos/etc that could help for this type of setup?

    Thursday, August 4, 2011 9:40 PM

Answers

  • * Can I install ADFS on the same server as CRM, i.e. my SBS 2008? (I read I cannot but I want to)

    Yes, you can - our in-house CRM is IFD/ADFS enabled all running on one server under SBS 2008.

     

    * I need to choose between "Federation server" or "Federation server proxy". From the description it seems I need to proxy to handle requests from internet clients. However, do I need to install the actual "Federation server" on another computer (again, I want it on the same computer)?

    Install a stand-alone Federation Server.

    * I need to have ADFS on the default website. For IFD I think the default website is "Microsoft Dynamics CRM". So do I need to point ADFS to that website?

    ADFS will install itself on the default website - you have no control over this.  If your CRM Server is installed on the default website, this will not work, so it will have to be moved (onto an alternate web application - can still remain on the same server).

    NB also: if your single server is not multi-homed you will only be able to run one of the services on the standard HTTPS port 443 - ADFS or CRM, not both.  You can choose which, but if you wish to run ADFS on a non-standard port, change the bindings on the default website (into which ADFS will be installed) prior to the installation and configuration of ADFS.

     


    --pogo (pat) @ pogo69.wordpress.com
    Thursday, August 4, 2011 11:16 PM

All replies

  • Thank you pogo. Our server is not multi-homed. We also don't want a port number for the CRM website. So can we have CRM as the default website on 443 and ADFS on a non-default website on, for instance, port 444? Will ADFS still work without any extra steps from the client?

    From your email and other information it seems this is possible. So then the question is how to do this. I have CRM already installed as the default website. So are the following the steps:

    1) Change the bindings on the CRM website
    2) Create a new default website,
    3) Install ADFS which will install into the default website created in 2)
    4) Add certificate to ADFS and at the same time change the port to 444
    5) Change bindings so CRM is again the default website (port 443)

    Does the above look correct?

    I guess if I had not installed anything yet I first would install ADFS, change the bindings and then install CRM, correct?

     

    Friday, August 5, 2011 7:09 AM
  • No, ADFS must be installed on the default website - you are given no choice about this during the installation and configuration process.  It will greatly simplify the process if you change the bindings on the default website to HTTPS port 444 before you configure ADFS.

    As I mentioned before, if CRM is currently installed on the default website it must be moved prior to the configuration of ADFS, as ADFS must reside on the default website.  There is only one default website per server.

    CRM does not have to reside on the default website to use port 443 - this is defined by the site bindings, not the site on which it resides.


    --pogo (pat) @ pogo69.wordpress.com
    Friday, August 5, 2011 8:16 AM
  • Can anyone clarify the following?

    If ADFS only uses the Default Website, will that Break RWW or RWA?

    SBS doesn't do too well when you multi-home the server, so wouldn't you suggest using port 442 or 444 for the ADFS site and then setting the CRM install to use port 443?

    Wednesday, March 14, 2012 7:41 PM
  • If ADFS only uses the Default Website, will that Break RWW or RWA?

    No, it won't break.  ADFS installs virtual directories in the Default Website, much like Exchange.

    You can split the ports either way:

    1. ADFS / Default Website on 443 and CRM on <whatever>
    2. CRM on 443 and ADFS / Default Website on <whatever>

    But, if you're in the same situation as we are, RWW and OWA etc were already being used via port 443, so we put CRM on 444.


    --pogo (pat) @ pogo69.wordpress.com

    Thursday, March 15, 2012 2:17 AM
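
The replies above come down to one check before ADFS is configured: on a server that is not multi-homed, no two IIS sites may claim the same HTTPS port. The PowerShell below is an added example, not part of the thread and not Microsoft's tooling, that parses IIS binding strings and reports sites colliding on a port. The function name and the sample bindings are constructed for illustration, and the single-IP assumption means the IP part of each binding is ignored when comparing.

```powershell
# Added example, not from the thread. Assumes a single-IP (not multi-homed)
# server, so any two sites sharing an HTTPS port are treated as colliding.
function Find-HttpsPortConflict {
    param([Parameter(Mandatory = $true)] [object[]] $Binding)

    $Binding | Where-Object { $_.Protocol -eq 'https' } | ForEach-Object {
        # bindingInformation is "IP:port:hostheader"; anchor on the port so a
        # bracketed IPv6 address containing colons does not break the parse.
        if ($_.BindingInformation -match '^(.*):(\d+):([^:]*)$') {
            New-Object PSObject -Property @{ Site = $_.Site; Port = [int]$Matches[2] }
        }
    } | Group-Object Port | Where-Object {
        # More than one distinct site on a port: only one of them can serve it.
        @($_.Group | Select-Object -ExpandProperty Site -Unique).Count -gt 1
    } | ForEach-Object {
        New-Object PSObject -Property @{
            Port  = [int]$_.Name
            Sites = @($_.Group | Select-Object -ExpandProperty Site -Unique)
        }
    }
}

# Helper to build one binding record (constructed sample data below).
function New-BindingRecord($Site, $Protocol, $Info) {
    New-Object PSObject -Property @{ Site = $Site; Protocol = $Protocol; BindingInformation = $Info }
}

# Constructed input: both sites still bound to 443, the layout that cannot work.
$before = @(
    (New-BindingRecord 'Default Web Site'       'https' '*:443:'),
    (New-BindingRecord 'Microsoft Dynamics CRM' 'https' '*:443:')
)
# Constructed input: the split pogo's server uses, CRM moved to 444.
$after = @(
    (New-BindingRecord 'Default Web Site'       'http'  '*:80:'),
    (New-BindingRecord 'Default Web Site'       'https' '*:443:'),
    (New-BindingRecord 'Microsoft Dynamics CRM' 'https' '*:444:')
)

Find-HttpsPortConflict -Binding $before | Format-List
Find-HttpsPortConflict -Binding $after  | Format-List

# On the IIS server itself, read the real bindings instead of the samples.
if (Get-Module -ListAvailable WebAdministration) {
    Import-Module WebAdministration
    $live = Get-Website | ForEach-Object {
        $s = $_
        $s.bindings.Collection | ForEach-Object { New-BindingRecord $s.Name $_.protocol $_.bindingInformation }
    }
    Find-HttpsPortConflict -Binding $live | Format-List
}
```

Run it before and after changing the bindings; an empty result on the live data means each HTTPS port has a single owning site.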