With Dynamics CRM and claims-based authentication, there is the concept of the external and internal URL. If user logs into the internal URL, they should be redirected to AD FS using Windows Internal Authentication and not experience a sign-in prompt.
The internal URL is defined on the web address tab for Dynamics CRM within the properties of the deployment in the deployment manager.
- On the CRM server > start > search for deployment manager > open the application
- Select CRM in the left hand navigation > select properties in the actions pane > web address tab
- Specify an alias to access the site that matches the certificate subject and resolves to the CRM web front end server(s) in DNS
Internal URL will have the format of the address you enter for web application in the web address tab with the organization name at the end. For example:
https://crminternal.contoso.com/ContosoCRM
The external URL for CRM should contain the organization name in the beginning:
https://ContosoCRM.contoso.com
There are other factors such as SPN configured for AD FS and placing the AD FS URL in the local intranet zone for the automatic login to complete.
