web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

🚀 Season of Sharing Community Challenge Launch! 🚀
Ask A Community Pro
Introducing our New Video Series: Community Spotlight
News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / CRM 2013 External DNS ...
Microsoft Dynamics CRM (Archived)

CRM 2013 External DNS Records

(0) ShareShare
ReportReport
Posted on by sheldondsouza 355

Hello Everyone!

We have successfully completed the installation and configuration of CRM 2013 with Claims Based authentication and also enabled IFD. Everything works fine internally. Below is the records we have created.

schs-crms.schs.sharjah.ae (For Internal CRM)

sharjahcityforhumanitarianserv.schs.sharjah.ae (Record created for Internal CRM and Also Public Record Created)

adfs.schs.Sharjah.ae (Record created for ADFS Server Internally and Also Public Record Created)

There are 2 more records dev.schs.sharjah.ae and auth.schs.sharjah.ae which are created and the IP for this records are linked to the server where CRM has been installed. Are these 2 records created correctly and to the right location. Moreover should both these records be published externally?

Lastly can we have all these records on a same IP address with different ports or is it advisable to have different public IPs for each

Kind Regards,

Sheldon D'souza

*This post is locked for comments

I have the same question (0)
  • Suggested answer
    Pradeep Pawar Profile Picture
    Pradeep Pawar 2,930 on at

    You may refer my blog:

    pradeeppawarblog.wordpress.com/.../configure-internet-facing-deployment-for-crm-2011-server-in-more-secure-way-with-adfs-proxy

    Pradeep P

    Cybage Software Pvt.Ltd.

  • Verified answer
    Remon Profile Picture
    Remon 1,485 on at

    Hello Sheldon,

    Your internal url should be only in your internal DNS.

    Your externl url's should be in your internal DNS pointing to your internal ip-addresses AND they should be in your external DNS pointing to your public ip-address (which a firewall should for to the correct CRM server).

    The adfs machine should also have the same address in internal DNS and external DNS available point to the ADFS machine.

    about your last question;

    - it depends on your firewall (software). if your firewall can distinguish traffic on the hostheader, than all can be on a single ip-address. if not you need to split ADFS and CRM on different ip-addresses.

    - ports are irrelevant here as far as I can see.

    Example:

    Internal DNS:

    crm-int.company.com --> 192.168.0.100

    crm-ext.company.com --> 192.168.0.100

    auth.company.com --> 192.168.0.100

    dev.company.com --> 192.168.0.100

    orgname.company.com --> 192.168.0.100

    adfs.company.com --> 192.168.0.101

    External DNS:

    crm-ext.company.com --> 67.68.69.70

    auth.company.com --> 67.68.69.70

    dev.company.com --> 67.68.69.70

    orgname.company.com --> 67.68.69.70

    adfs.company.com --> 67.68.69.70 (or 67.68.69.71 depending on firewall)

    Hope this helps you!

  • sheldondsouza Profile Picture
    sheldondsouza 355 on at

    Thank You so much for you responses. However I do have 2 questions.

    1. What is the difference between crm-ext.company.com and orgname.company.com (Our organization name HOST A record has been created internally and externally and they use that with https to browse)

    2. Do we need the ADFS proxy or can we just NAT dev, auth and orgcompany(ext) to the CRM servers and adfs to the adfs server.

    If we do need the ADFS proxy, than I'm assuming that the public IP with ADFS external DNS record should be pointed to the ADFS proxy server as opposed to the ADFS server and an internal DNS record should be pointing to the ADFS server. (Is this scenario right)

  • Verified answer
    Remon Profile Picture
    Remon 1,485 on at

    Hi Sheldon,

    1. crm-ext and orgname point to the same. Sorry, we never use auth and dev records, instead we create crm-ext record. I made a mistake in above response.

    2. No you do not need a proxy. But for security reasons you could use it and put it in your DMZ. And it's correct that the adfs dns record on internet needs to point the server.

    good luck,

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

🚀 Season of Sharing Community Challenge Launch! 🚀
Ask A Community Pro
Introducing our New Video Series: Community Spotlight

Quick Links

Season of Sharing Community Challenge Launch!

Jump in, show your community spirit, and win prizes!

Women in Power Builds Momentum

Expanding mentorship, skilling, and AI innovation

Congratulations to the April Top 10 Community Leaders

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
ScottDurow Profile Picture

ScottDurow 2

#2
GJones Profile Picture

GJones 1

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans