Sign in

Microsoft.com

Microsoft

Remove From My Forums

Replacing ADFS 2.0 with some other Security Token Service in CRM 2011 IFD

Question
0

Sign in to vote

Is it possible to use some other STS (Security Token Service) than AD FS 2.0 for claims - based authentication in CRM 2011 IFD?

Saturday, November 12, 2011 12:47 PM

Answers

1

Sign in to vote
Hi,

Yes it is. The STS must support ws-fed and ws-trust standards.

Thanks,

Matios
- Proposed as answer by Matios Bedrosian Tuesday, November 15, 2011 11:47 PM
- Marked as answer by mimbra Wednesday, November 16, 2011 5:27 PM
Tuesday, November 15, 2011 11:47 PM

All replies

1

Sign in to vote
Hi,

Yes it is. The STS must support ws-fed and ws-trust standards.

Thanks,

Matios
- Proposed as answer by Matios Bedrosian Tuesday, November 15, 2011 11:47 PM
- Marked as answer by mimbra Wednesday, November 16, 2011 5:27 PM
Tuesday, November 15, 2011 11:47 PM
0

Sign in to vote

Thanks Matios!

Do you know if there is a documentation/tutorial covering how to configure this at CRM Server 2011 Side?

It would be very helpful if you could point me to the resource for this implementation.

Once again - thanks a lot!

Imbra

Wednesday, November 16, 2011 5:33 PM
0

Sign in to vote

Hello,

The CRM 2011 Claims configuration with another STS is identical to configuring with ADFS 2.0. Please refer to the Microsoft Dynamics CRM 2011 and Claims-based Authentication white paper. In short, you must use the http://<stshost>/federationmetadata/2007-06/federationmetadata.xml URL as you would when configuring against ADFS 2.0. The configuration steps for the STS vary depending on what STS you use. The most important thing to note is the publishing of the UPN to CRM relying party.

Thanks,

Matios

Thursday, November 17, 2011 7:06 PM