locked
IFD CRM on sec 443 on only One server RRS feed

  • Question

  • Is that possible?

    I never tried that but what if I bind two NIC's  / IP's on the server and run ADFS internal on port 809?


    Wednesday, December 17, 2014 6:29 AM

All replies

  • Hi,

    I don't think it's possible to run ADFS on port 809 at all, but I am in no way an expert on ADFS (like Chris). IIRC ADFS 2.0 and earlier need 443 to run and later versions of ADFS run on an IIS of their own, pretty much like SSRS does.

    When I've done single server IFD installations I have so far only used ADFS 2.0 so I had to book 443 for the ADFS and used 444 for the CRM, however, if you have two NICs/IPs on the server you should be able to handle ADFS on 443 for one IP and CRM on 443 on the other if you would need to. This is also uncharted water so you can have answers that point in a totally different direction.

    Hope it helps.


    Rickard Norström Developer CRM-Konsulterna
    http://www.crmkonsulterna.se
    Swedish Dynamics CRM Forum: http://www.crmforum.se
    My Blog: http://rickardnorstrom.blogspot.se

    Wednesday, December 17, 2014 9:06 AM
  • ADFS will be installed/configured on IIS Default port 80/443

    Thanks
    Udayan

    Wednesday, December 17, 2014 10:23 PM
  • Which Operating System version are you using for the ADFS Server ?

    If the Operating System is before Windows 2012 R2, then ADFS runs in IIS. In this case, ADFS has to install on the default website (ID = 1), but you can change the bindings on this website to run it on a port other than 443 and/or bind it to a specific IP address.

    With Windows 2012 R2, ADFS runs outside IIS, and I don't know if you can change the ports / bindings that it uses


    Microsoft CRM MVP - http://mscrmuk.blogspot.com/ http://www.excitation.co.uk

    Thursday, December 18, 2014 9:37 AM
    Moderator
  • Wow, can you actually change the port to something other than 443? All instructions I've read says that you have to keep ADFS on the default website and 443. That's great news since I think it's better to keep the CRM on 443, on the other hand, you might be unable to log in because the port you're using for the ADFS might be blocked on the network you're on.


    Rickard Norström Developer CRM-Konsulterna
    http://www.crmkonsulterna.se
    Swedish Dynamics CRM Forum: http://www.crmforum.se
    My Blog: http://rickardnorstrom.blogspot.se

    Thursday, December 18, 2014 9:40 AM
  • Yes, you can use ports other than 443 (at least pre-Windows 2012 R2), though ADFS does need the default website. We did this for a couple of customers who had been using port 443 for CRM (though not on the default website) from pre-ADFS days, so it was preferable to keep CRM on port 443, and put ADFS on a different port.

    Whichever way around you do it, you need different bindings for CRM and ADFS if they're on the same server


    Microsoft CRM MVP - http://mscrmuk.blogspot.com/ http://www.excitation.co.uk

    Thursday, December 18, 2014 8:20 PM
    Moderator
  • hmmm. Let me clear up a bit: I meant fix ADFS to 809 TCP port for internal communication as mentioned in http://technet.microsoft.com/en-us/library/hh699823.aspx and ADFS http://blogs.technet.com/b/bshastri/archive/2014/03/20/dynamics-crm-ifd-on-windows-server-2012-r2-adfs-crm-addin-for-outlook.aspx

    I really would like to know if it is possible to use IFD CRM externally (WWW) on Sec default https 443 on one server serving CRM and ADFS on a MS supported way.

    Tuesday, December 23, 2014 9:49 PM