web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / CRM 2013 IFD, ADFS 3.0...
Microsoft Dynamics CRM (Archived)

CRM 2013 IFD, ADFS 3.0, Split-DNS

(0) ShareShare
ReportReport
Posted on by Alex Armstrong 155

Hello All,

We seem to be having an issue during the setup of the IFD and would appreciate any assistance for where the problem may be.

Servers:

  • Server 2012 R2 - DC (running ADFS 3.0)
  • Server 2012 R2 - CRM Front-end
  • Server 2012 R2 - CRM Back-end
  • Server 2012 R2 - SQL

DNS (Hybrid/Split):

  • On-premise: internal.domain.com (primary) / domain.com (added second primary lookup zone)
  • Off-premise (hosting provider): domain.com

Our A-record entries are located in the second primary "domain.com" lookup zone:

  • adfs (sts) - DC
  • auth - front-end
  • dws (dev) - front-end
  • internalcrm - front-end

SSL wildcard certificate for *.domain.com purchased through Comodo.

We have setup claims-based authentication with no problems except from Chrome (which we remedied by disabling the extended protection token check and adding user agent for NTLM authentication).

Though after successfully getting claims-based auth functioning without any issues, as soon as we complete the IFD configuration and add the relying party trusts. We then seem to loose the ability to connect internally, receiving an ADFS error page.

Now, we are unsure if this due to our current domain setup or if this is something to do with the steps we have taken to configure the IFD.

We have been using these two guides for what applies to our current setup:
InteractiveWebs & Niran Belliappa MSDN Blog

Any help would be hugely appreciated! Thank you

*This post is locked for comments

I have the same question (0)
  • Ragnar Hilmarsson Profile Picture
    Ragnar Hilmarsson 3,427 on at

    Hi Alex

    What error  do you get?

  • Alex Armstrong Profile Picture
    Alex Armstrong 155 on at

    Internally on the ADFS server - adfs.domain.com

    "An error occurred

    An error occurred. Contact your administrator for more information.

    Error details•Activity ID: 00000000-0000-0000-3008-0080000000fb

    •Error time: Mon, 23 Feb 2015 09:42:09 GMT

    •Cookie: enabled

    •User agent string: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.3; WOW64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729; InfoPath.3; MDDSJS)"

  • Alex Armstrong Profile Picture
    Alex Armstrong 155 on at

    Note: We have enabled form authentication for the intranet and extranet for the Global Authentication Policy of the AD FS.

  • Ragnar Hilmarsson Profile Picture
    Ragnar Hilmarsson 3,427 on at

    Hi

    I think you need more detailed error.

    Try to enable trace on ADFS

    blogs.msdn.com/.../diagnostics-in-ad-fs-2-0.aspx

    Also  you can use fiddler to see what error

    www.telerik.com/.../fiddler

  • Phillip U. Profile Picture
    Phillip U. 2 on at

    I do not have an answer for you but we have a very similar set up here and are experiencing the same issue which is preventing us from putting this in production.  Once IFD is enabled, users can access and authenticate fine through the ADFS login, but accessing the internal URL presents an ADFS error.  Interetsingly, if one navigates to the internal URL after successfully authenticating to the external URL, the session on the internal URL does work, but this is merely a curiosity and does not serve as a usable workaround.

  • Ragnar Hilmarsson Profile Picture
    Ragnar Hilmarsson 3,427 on at

    Hi Phillip  and Alex

    Have you tried to put adfs url to local intranet site in IE?

  • Community Member Profile Picture
    Community Member on at

    Hi Alex, I'm having same issue, but with CRM 2015. Have you been able to fix it? thanks.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Stars!

Meet the Microsoft Dynamics 365 Contact Center Champions

We are thrilled to have these Champions in our Community!

Congratulations to the March Top 10 Community Leaders

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
JS-09031509-0 Profile Picture

JS-09031509-0 3

#2
AS-17030037-0 Profile Picture

AS-17030037-0 2

#2
Mark Eckert Profile Picture

Mark Eckert 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans