locked
Replacing ADFS 2.0 with some other Security Token Service in CRM 2011 IFD RRS feed

  • Question

  • Is it possible to use some other STS (Security Token Service) than AD FS 2.0 for claims - based authentication in CRM 2011 IFD?
    Saturday, November 12, 2011 12:47 PM

Answers

  • Hi,

    Yes it is. The STS must support ws-fed and ws-trust standards.

    Thanks,

    Matios

    • Proposed as answer by Matios Bedrosian Tuesday, November 15, 2011 11:47 PM
    • Marked as answer by mimbra Wednesday, November 16, 2011 5:27 PM
    Tuesday, November 15, 2011 11:47 PM

All replies

  • Hi,

    Yes it is. The STS must support ws-fed and ws-trust standards.

    Thanks,

    Matios

    • Proposed as answer by Matios Bedrosian Tuesday, November 15, 2011 11:47 PM
    • Marked as answer by mimbra Wednesday, November 16, 2011 5:27 PM
    Tuesday, November 15, 2011 11:47 PM
  • Thanks Matios!

    Do you know if there is a documentation/tutorial covering how to configure this at CRM Server 2011 Side?

    It would be very helpful if you could point me to the resource for this implementation.

     

    Once again - thanks a lot!

    Imbra

    Wednesday, November 16, 2011 5:33 PM
  • Hello,

    The CRM 2011 Claims configuration with another STS is identical to configuring with ADFS 2.0. Please refer to the Microsoft Dynamics CRM 2011 and Claims-based Authentication white paper. In short, you must use the http://<stshost>/federationmetadata/2007-06/federationmetadata.xml URL as you would when configuring against ADFS 2.0. The configuration steps for the STS vary depending on what STS you use. The most important thing to note is the publishing of the UPN to CRM relying party.

    Thanks,

    Matios

    Thursday, November 17, 2011 7:06 PM