Personalized Community is here!
Quickly customize your community to find the content you seek.
Have questions on moving to the cloud? Visit the Dynamics 365 Migration Community today! Microsoft’s extensive network of Dynamics AX and Dynamics CRM experts can help.
2021 Release Wave 1Discover the latest updates and new features to Dynamics 365 planned April 2021 through September 2021.
Release overview guides and videos Release Plan | Preview 2021 Release Wave 1 Timeline
The FastTrack program is designed to help you accelerate your Dynamics 365 deployment with confidence.
FastTrack Program | Finance and Operations TechTalks | Customer Engagement TechTalks | Upcoming TechTalks | All TechTalks
Should AD FS be installed on the same server that is also a DC? Is there a specific role that DC should have?
This is old documentation but is valid still: docs.microsoft.com/.../cc778681(v=ws.10)
Because ADFS requires the installation of Internet Information Services (IIS), we strongly recommend that you not install any ADFS components on a domain controller in a production environment.
Hope it helps!
So is your recommendation that we install it on its OWN windows 2016 or 2019 server or can we install it on the same server as Dynamics CRM?
That's going to depend on the purpose of the installation: If it's a development environment or a Demo/testing purpose with just a few users, then having both things on the same server makes sense. You can read more on this approach on https://docs.microsoft.com/en-us/dynamics365/customerengagement/on-premises/deploy/deploy-and-configure-ad-fs. Please be aware that ADFS will install on the default site and that you'll need to configure a new website for the Dynamics 365 server.
However, for larger installations it's better to have these roles separated. On this link https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/best-practices-securing-ad-fs there's some documentation (and specially a Topology diagram) that depicts that you should have one part on your corporate network (Domain controllers + ADFS) and on a DMZ a Web Application Proxy that will connect to the ADFS. Keep in mind that your Dynamics (WebServers + Database servers) will be on your corporate network.
Business Applications communities